urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 09 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 7 countries across 53 domains to perform 404 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 396982 (GOOGLE-CL...)
2 2a04:4e42:600... 54113 (FASTLY)
5 34.149.98.30 396982 (GOOGLE-CL...)
1 151.101.1.55 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
1 13 2404:6800:400... 15169 (GOOGLE)
13 2a03:2880:f10... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
62 2a03:2880:f00... 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
4 2406:2600:4::1 55569 (CRITEO-AS...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.65.185.71 16509 (AMAZON-02)
6 2404:6800:400... 15169 (GOOGLE)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 61.216.47.122 3462 (HINET Dat...)
1 192.0.78.25 2635 (AUTOMATTIC)
1 34.149.120.3 396982 (GOOGLE-CL...)
1 2600:9000:20c... 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.236 2635 (AUTOMATTIC)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
4 2404:6800:400... 15169 (GOOGLE)
1 18.138.89.19 16509 (AMAZON-02)
5 34.98.64.218 396982 (GOOGLE-CL...)
2 2 3.33.220.150 16509 (AMAZON-02)
1 1 211.120.53.204 4694 (IDCF IDC ...)
2 2 99.84.133.75 16509 (AMAZON-02)
10 21 142.251.222.2 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
45 2404:6800:400... 15169 (GOOGLE)
1 2 35.74.211.183 16509 (AMAZON-02)
28 2404:6800:400... 15169 (GOOGLE)
12 2404:6800:400... 15169 (GOOGLE)
2 4 2406:2600:4::b 55569 (CRITEO-AS...)
3 3 202.233.84.8 131957 (MICROAD M...)
1 2001:df2:a300... 6336 (TURN-US-ASN)
3 2600:9000:20c... 16509 (AMAZON-02)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
21 2600:9000:20e... 16509 (AMAZON-02)
8 2600:140b:a80... 20940 (AKAMAI-ASN1)
2 182.161.74.11 55569 (CRITEO-AS...)
5 9 172.64.151.101 13335 (CLOUDFLAR...)
2 116.50.36.71 18046 (DONGFONG-...)
4 18.182.111.97 16509 (AMAZON-02)
2 34.95.67.231 396982 (GOOGLE-CL...)
2 52.192.40.163 16509 (AMAZON-02)
12 203.75.214.136 3462 (HINET Dat...)
2 4 35.201.76.93 396982 (GOOGLE-CL...)
2 35.227.249.156 15169 (GOOGLE)
6 52.197.5.4 16509 (AMAZON-02)
6 142.251.42.198 15169 (GOOGLE)
6 34.149.43.113 396982 (GOOGLE-CL...)
4 142.250.196.130 15169 (GOOGLE)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 210.59.219.34 3462 (HINET Dat...)
6 12 35.190.36.98 15169 (GOOGLE)
6 6 139.162.78.222 63949 (AKAMAI-LI...)
2 2406:2600:4::12 55569 (CRITEO-AS...)
1 2a03:2880:f00... 32934 (FACEBOOK)
2 2a03:2880:f00... 32934 (FACEBOOK)
31 2a03:2880:f00... 32934 (FACEBOOK)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
2 2 35.213.12.39 15169 (GOOGLE)
1 1 2406:da18:929... 16509 (AMAZON-02)
2 2 185.84.60.20 198622 (ADFORM)
1 1 3.0.243.35 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 142.250.199.98 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
404 70
1    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.1.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
1    2404:6800:4004:81e::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
13    2a03:2880:f10f:187:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
62    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2404:6800:4008:c01::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2404:6800:4004:80f::200e (Australia)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2404:6800:4004:818::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
4    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.65.185.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-71.nrt57.r.cloudfront.net
tags.crwdcntrl.net
6    2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)
3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
1    34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com
asset.re-news.tw
1    2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    2606:4700::6811:eec2 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    34.149.120.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.120.149.34.bc.googleusercontent.com
www.rayskyinvest.com
1    2600:9000:20c4:a000:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
1    192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    2404:6800:4004:824::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    18.138.89.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-89-19.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    211.120.53.204 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    99.84.133.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-75.nrt57.r.cloudfront.net
cr-p3.ladsp.com
21    142.251.222.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net
cm.g.doubleclick.net
6    2404:6800:4004:828::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
45    2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    35.74.211.183 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-211-183.ap-northeast-1.compute.amazonaws.com
fw.adsafeprotected.com
28    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
3    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
1    2001:df2:a300:bbbb::136 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
3    2600:9000:20c5:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    2600:1f18:1aca:4282:8176:7413:21c:ce90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
21    2600:9000:20e4:7400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
8    2600:140b:a800::17c3:5b8a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
9    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
4    18.182.111.97 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-111-97.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
2    52.192.40.163 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
12    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
6    52.197.5.4 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
6    142.251.42.198 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
6    34.149.43.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.43.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
4    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
googleads4.g.doubleclick.net
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
12    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
6    139.162.78.222 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1558-222.members.linode.com
gocm.c.appier.net
2    2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
scontent-iad3-1.xx.fbcdn.net
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
scontent-iad3-2.xx.fbcdn.net
31    2a03:2880:f003:101:face:b00c:0:1823 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
video-iad3-2.xx.fbcdn.net
1    2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    2406:da18:929:5a01:753:f5e4:6f9c:e3e1 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    3.0.243.35 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
2    142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net
www.googleadservices.com
1    2404:6800:400a:805::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
90 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-iad3-1.xx.fbcdn.net — Cisco Umbrella Rank: 5250 Failed
external-iad3-2.xx.fbcdn.net Failed
scontent-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 5254 Failed
video-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 21111
3 MB
79 googlesyndication.com
3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
472 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
526 KB
41 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 132288
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925
fcm.holmesmind.com — Cisco Umbrella Rank: 210108
fcm2.holmesmind.com — Cisco Umbrella Rank: 154750
c.holmesmind.com — Cisco Umbrella Rank: 107592
m.holmesmind.com — Cisco Umbrella Rank: 190604
ad.holmesmind.com — Cisco Umbrella Rank: 104322
253 KB
18 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 52931
gocm.c.appier.net — Cisco Umbrella Rank: 2197
4 KB
14 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 489
rtb0.doubleverify.com — Cisco Umbrella Rank: 754
tps.doubleverify.com — Cisco Umbrella Rank: 505
tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 15385
255 KB
14 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
121 KB
13 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
96 KB
12 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84860
924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net
10 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
572 KB
9 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
5 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
bidder.criteo.com — Cisco Umbrella Rank: 776
15 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
7 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
282 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 116978
storage.reurl.cc — Cisco Umbrella Rank: 432247
6 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
57 KB
3 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 17722
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
2 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
39 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
288 KB
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 161265
940 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
716 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644
2 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
515 B
2 re-news.tw
storage.re-news.tw
asset.re-news.tw
435 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
58 KB
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8960
233 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
599 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
711 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 55430
663 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
612 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
855 B
1 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 92120
2 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
398 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
854 B
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3858
107 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5797
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
612 KB
1 creditcards.com.tw
creditcards.com.tw
49 KB
1 racingcharger.tw
img.racingcharger.tw
307 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 534895
18 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
76 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
92 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20760
42 KB
404 53
Domain Requested by
56 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
45 pagead2.googlesyndication.com 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
securepubads.g.doubleclick.net
reurl.cc
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
31 video-iad3-2.xx.fbcdn.net static.xx.fbcdn.net
28 tpc.googlesyndication.com 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
securepubads.g.doubleclick.net
reurl.cc
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
21 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
reurl.cc
21 cm.g.doubleclick.net 10 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
reurl.cc
13 www.facebook.com reurl.cc
static.xx.fbcdn.net
connect.facebook.net
13 securepubads.g.doubleclick.net 1 redirects reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
12 ad2.apx.appier.net 6 redirects reurl.cc
12 www.googletagservices.com 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
cdn.doubleverify.com
www.googletagservices.com
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
10 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
9 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
9 dt.adsafeprotected.com 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
reurl.cc
8 cdn.doubleverify.com 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
cdn.doubleverify.com
reurl.cc
6 gocm.c.appier.net 6 redirects
6 ad.holmesmind.com cdn.holmesmind.com
reurl.cc
6 googleads.g.doubleclick.net 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
cdn.holmesmind.com
5 storage.reurl.cc reurl.cc
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 ad.doubleclick.net 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
www.googletagservices.com
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cm-dev-poc.holmesmind.com cdn.holmesmind.com
4 gum.criteo.com 2 redirects static.criteo.net
4 www.google.com reurl.cc
tpc.googlesyndication.com
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
4 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
3 static.adsafeprotected.com 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
3 s-cs.send.microad.jp 3 redirects
3 analytics.google.com www.googletagmanager.com
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
2 tpsc-ae1.doubleverify.com cdn.doubleverify.com
2 www.googleadservices.com reurl.cc
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
2 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com static.criteo.net
2 924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net reurl.cc
2 tps.doubleverify.com cdn.doubleverify.com
2 s0.2mdn.net 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
ad.doubleclick.net
2 rtb0.doubleverify.com cdn.doubleverify.com
2 m.holmesmind.com cdn.holmesmind.com
2 fcm2.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 mug.criteo.com reurl.cc
2 scontent-iad3-2.xx.fbcdn.net reurl.cc
www.facebook.com
2 fw.adsafeprotected.com 1 redirects 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 oajs.openx.net 1 redirects reurl.cc
2 www.google.co.jp reurl.cc
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 cdn.jsdelivr.net reurl.cc
1 fonts.gstatic.com fonts.googleapis.com
1 rtb2-useast.e-volution.ai 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
1 ads.yieldmo.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.fout.jp 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 www.gstatic.com 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
1 fonts.googleapis.com 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
1 prebid.scupio.com cdn.holmesmind.com
1 prebid-asia.creativecdn.com cdn.holmesmind.com
1 d.turn.com googleads.g.doubleclick.net
1 tg.socdm.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 scontent-iad3-1.xx.fbcdn.net www.facebook.com
reurl.cc
1 blog.alphaloan.co reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 creditcards.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 asset.re-news.tw reurl.cc
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 storage.re-news.tw storage.reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
0 external-iad3-2.xx.fbcdn.net Failed reurl.cc
404 89

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-10-14 -
2024-01-12		 3 months crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-17 -
2023-12-16		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
asset.re-news.tw
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
tls.automattic.com
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-27 -
2024-10-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-10-25 -
2024-11-24		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 41 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: BC1E10546F1DB5FC1C97140723E64454
Requests: 48 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 0F379003758F54C2CBEE70DECFD25185
Requests: 42 HTTP requests in this frame

Frame: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC168A520BB9D41B46B77F25182DF610
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 36998D661D46CE741F28EE397DB0529F
Requests: 6 HTTP requests in this frame

Frame: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 036A14F271D945C0DEE598EB34364F92
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY4ezf7gEwAQ&v=APEucNV_diRgBUpxF5Gil3wwiv7vJno6qeHFYUqsHlIEkwntTxe-Vlm2utiPLvaF1jePOJupcXT-hmrYR8KQFBjUFfi-57w35A
Frame ID: 5333B4747345BD313D361FF46E7A821A
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 06216D07E274D3722EBAF2495090D413
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FE65EC2D4011411E719B35244B5E99F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F8F9E74BFB8D5FBB07F2E8E0B0B97943
Requests: 3 HTTP requests in this frame

Frame: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3F283AA46A451CB6F880692E9BE19B7
Requests: 28 HTTP requests in this frame

Frame: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5613DBBC7B494BE34BD011E47BF7697B
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumjfAYaWbwCaTZiBnaSoJ86NOQjffkXZgjWXzPwInG7OjBEtvLbSEe85ZJUfJx53kfy_VK7m8zbOdkNUENQjRve4EZUYVfwlJn84MNrHsnR0zqbRL5jIOz6TmrIs9fs2Q1jqgW2CNEEO86ZGg_M3_0pLwpe88v3wN5rLOMect88_Rx2b_wLZby9lUGZ_JS8aLCvnbZ-i-WtVqruKvjL1EiKFetVuEppWXk2W-YXRhqJ7n2WN4w2xaNCQLR_Bgh-cb4etLnbQLT4JammU0mhkBClCjoU6Nat7O6ILwQ0PA-WZ-o-9KLfPlS4il6hUXJ1QZWrK3kicU9aJkXQyLXsOFkHvkb88GJEbdKP6dCe3jq3dRarE0XtXIXsSYimV7x&sai=AMfl-YRQIQbE6x9K61MluJQMTMovPC_FEzdwGwMIwu0FpF2b0HUTMmY92bU701xd4oHhX-niDXSCNoodxeQOIjEYCKEPh82x9N0AQK_VKu4goectBnmkAV_bCbVooS8d1Z_bW0yF0Htn0Y4GaAYC2c2Mm8vn1-HOTTjDWV9fCg&sig=Cg0ArKJSzHS-EdpcqNC9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D6023A7F24073AEAE118FABA532ACA82
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_KRjJPOe-Xq3oMKlkjzW26xjjOPRlCS8kiQ23lKMIAaBXVavUZ3fj9cDAgJLFjhbN9LTHrnzKzUGmFaHQ4OJhBN2HOEw8w9ShiosZwYGB-wGV_rLnhJ1xcLtOTd_kC7kniTVjVUTQZxRkZx86k2XUTmM6gtQMBsSo6h_AfdHbwrjQCLXINu9OMhpHtppCivae4js2RfHxJRyTrH03XS8vtCpFG7CHUZXXHBhrG5WTe6BPF_SrRR2DPASxpHFRUAU489DrbxOqLjyXmUeuAkgRz_31Wn_CCWvn0N-SvsVb2P1ESLkGiYsXNTTnWF6mKOZUIaBqQFU8j8vA3CD6R5Wh0M_hEEm0I7Li_indmX_ZDRyi6-EDFVFgxgnQxc0G&sai=AMfl-YR9HzI8OP2qjTl9tyvKZ3fjvWM36LArdXtIcbuwU7V8j-emzzjjk-oWpaskK05tGOeDErrlJ0Q-2kyZ5YTMtUBDpB869Aa5W_qk61F5FBhv6syPtfHbU-QF2GyvcwknyNpkJTATEA_bg0QrNSt_pCncFNHwA0eTuVlCmw&sig=Cg0ArKJSzDNirX-Y-wrDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9050BF5902BDE02575C09E82378E4D44
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNUKWhpJpqPXsvt2BdV8g0VEHJAAd9cXFs2zIim_lkKhX2lrcPMQl097zhdCTosDGAUdHPR84D3YnkZHe_jF8dIlOlD5MQ
Frame ID: CC3F2E71DEBD0AB602DFC8D4E33EAE08
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNVRX0AAaTGBx9CPNTHToL6FM1o-WTsXHRVaLNWJCte0-H7nv-t8KWqweK6X3iFKHGcx7gXLTwazoV_kOmSsMNRpGfrxfw
Frame ID: 7E13E223475E9CC50162EA19F8658ACD
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 35C23E40236CDB09E38392762D53C96C
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 8A8295E1E15B3D171FDC126F4BEB47D3
Requests: 15 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 389D90245EC14CF25FBDFE6232013475
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: A4ECA52F2D2A1FAA0424ABD2AD7B0996
Requests: 25 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 5AFCBD49E1D4AD2277AD04902092AE28
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 3FBB6D89E604885F548E929B27421208
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: D2C6B011BD71824DF14193D2D974976D
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 888BB069BB88CD829CE111A55BDE105B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 95379FA532822A9562B0B55668FD9EC4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 269AADDD53FA20C6B4C8326BE0FF7119
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: AA2F63FE44584C9E716EC596937537F1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: 08E078AD5FD42AEF534F1DBF295BE7C5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DCF4B4140FA850F37AE719EDF2DE4553
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 688A4FE2380CAA70A5F14D7CBCD5C8D0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/23000/609a296ec62f194de981d39962985aa6.jpg
Frame ID: D78CF809951D016B55BE448FEA56D530
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Frame ID: 1A939835F1BB8146A7B33CC132D2D793
Requests: 72 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2251058D8E9F0DA6013C13307EBAF349
Requests: 6 HTTP requests in this frame

Frame: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 2385D2C392B029B88598332C374089B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 255F5955AFA02297D20F33E9F6917FA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08BE89CC59E1D60FEDCB18F8107D1759
Requests: 2 HTTP requests in this frame

Frame: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 501BD07409514EB2842BA9CDDE3B4DAD
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 108CC26F47FDD2958D3B85A95562009A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 0FF08C56A1493E96E008D69EA4BB6E50
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 806D68D9980FDE4483609A66835C62D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D48841E1967EAA376A6EF2969BF4B324
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E3CD146747FB634369D13577A25F9A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

404
Requests

89 %
HTTPS

41 %
IPv6

53
Domains

89
Subdomains

70
IPs

7
Countries

8080 kB
Transfer

21403 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Request Chain 74
  • https://match.adsrvr.org/track/cmf/openx?oxid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=79e2fd74-05cb-4538-80fe-799c8e1a79d8&ttd_puid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0&gdpr_consent=
Request Chain 75
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9hMCo5uYAALJ5PbYAAAAA
Request Chain 76
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARbm4ih2LO1Bks8AEDt7OTgH1s8AAAGMThBODg
Request Chain 77
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTA2OGE0N2QtOTQyZC0yNjZmLWY5ZjgtMmYzODg4Zjc2Zjk1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTA2OGE0N2QtOTQyZC0yNjZmLWY5ZjgtMmYzODg4Zjc2Zjk1&google_tc=
Request Chain 78
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBERyKrqm9aKL6sNzAYxXQk&google_cver=1
Request Chain 90
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMGE3GrT9I23g19OprFo5NU&google_cver=1
Request Chain 107
  • https://fw.adsafeprotected.com/rfw/bgd/1527247/72330247/xbbe/creative/adj?p=APEucNXUaxijjchp4vZ03GancbwWtgKZezgyUbnk4_jhYxkzSvIZFoA&d=CokBAKAmf-B9P4R8uc7nJ_0OPGt9WZZtJh7V3rKJedjxbXAfQJ5JYWJHLWgKtGBil5IT4lSML_cPLhUEe4EXYwDw4BkamX4Q5BwLLvHgzNjNsBWDy88d3MmVOvi_rkk3HPjvaw01fhuR9Fa_2XdFrCDsUcG6kcDV3WE3Fm6MOoPAY_SD6vB2SxFaduYS6RUAoCZ_4ADFZsw3UxjQIr5Lb56yTSGfy0gg7EPH9xBzPK1JFubt4cwSGknjz7nUXaCQRXpKw7ntz3__SEGsEi4_TaD4tLPPXr6Qehe5aEvTLwjQhqQKMcNoudEc0HqaPis-e-MwiuDJd5t7l1wrIP-jd96xbUemYuBon3ypTXihLZO-uxufJNXoqtW4Ko_iiD3lDgeu0o2xTSSKCjvaJ8cUmPbBeaQicAWR59v1gjXtpSefG-EUjySRb91YjGb6sgw38tj7jvFb2ZGtdDm7KVKmjE0gA2KR_l8Wb-ZXCZQXiBC8vrrMqAdbgHMQyyDSF4f-JPdmKQ1WEM0YJUPG0xOPE81JXrBhPVIreyCR9KKpZJUV3cnQaRzFmIStkiPYGHURA5aTenXR_SzHyNRHkoOQWpX0YoirQ2VX8vYeMb71R7mxk2MnXHrs4O7-YE0F9hytTSY467rx0PiPrE9fNazvpRSt9ipwf3WuBRXRvsX86D60xq9j1uT7MT2_C6m2TxkjUZubW85L37bSq3K9F-koS6-MMMPQmaXDmLQqKrfk64-FOAX-5Cq5lrMAy5FKKJR47Yf9uDUFiD60Vne8NEjX3r1-6YjphDvMWg5tfZYkA3-L87I7tK7AIpBENBMmfEh8A_IyM74HA2sHC2wn9lDf8L7YeRA9tVtL_IO7R_dO0L2s6B90xGfyvjpZaK33V550Nt83sBAq9T0N7dvv-m1bHuBHlRQ4a3x9KVvJLOXpf8F1OxuzUkDFfwKVMe2VWVhwMJn3HvLXXYgnTLiIlU48wPRdv-sLhksheiCyLT7zQ_s_JbPvEpowe3rLgmmf049KFlBoDxWAOxoaPNwxdA4khbtZqnwcxEZrlGW79SUoBSSuOwEk2_OLmOAWOUyHo5NjaTNOLSAtJKdmsjY2sfcKqJh_YvySi9Xt42sbyWaysWfn_TYuO4qIBkil3z4FIvGNBNfsX0mdtznNAHOJz4tFMfceSfANcGUnNDaz8FAtHr-NmwGQEEasEornJmBceS9ulSIr8NJfNFWtRwY4no7jcLvHkJb9mBE1f401MROIV6yVdFP1WcmMlON4zNrn1U4U5o7z0vSHAUDGjoX162QIW854XaTc6L48POM26_Xp1ue2az8bxhzkD3AUcNGyESWqTCApE8JNlivl0v3N0SKat7hGdvcqYBZH0CI2F4IXJhsKhGyIZDOTorXH45ecgWKFJjAdE7u86DVrTStkSaGfm5JOOWoSvt0c_RqfBlXKi0XAP2frIwWW33B7iRvOgLgzz8qwhw_PSu3VShO_8qBLbvAFoadxHr5t6-3q2SZH_BE_tOjV7QqJUO9vzX3CNQWgmYPH4iZJu9tJ1SBhtRQNyGsdGJnDesq6oNO_nbry77zhgZbJd0Kn2wOJw95T1MQ3M-n35qe9zbX4eyLdchFxRSQa_QHcTUIIRhwscBCCMMDDPS-13Mshy1wVKDsAzLrJAx6EbuG3G9tbFvSLJRK1RL1k0g8JD4QgZyC13hTMV4xOatGfWJ4rjyae2BImpkJA9YbzdXCFzTdSArJ6ZXeQJ-q9UXu7l4TO-kPNF41FQyXVHVir3PCrqKh6QRlGVXgm4UFmfY0KfafMxUk1oSTYg6saCquJf2AbRjWCE-ctOuWbXvZ9vPI4P7LmCZ0Cw9tyiTFmlQ7Xg5yIrzu5xhd_MZRIdE_6S4IFA7IVfUwcNyUUizdpGuLSttSJMnvZpGxbJesGVacnAF3ApDN2du6kYzfbc3WkiyUCGNozknp4S44SZeB9G3ihGCU9XNyFcHAjtTo-XZ70YvEjVuAIvZUO2eN3Z14_VMWeJ8L1RLAqPqEVpfFlxjuUaL_rYYoqNoHIAe1onRssKoDQKMps0A3H0ThBWh67vvev7rdqESB5AFs3rUOdqJMl_OLakjQpZhW7nDAx4EaOHzWJMxxGcWApOt09JAN6W2332mYqREGLwcx6oFd-geIi1IN49LZoh5dOSyLrHha8kTuexz18dkgANIQj_LV0PRVvrdm45Efbe63AZYMckB0Q4c6o7y-4IX7gU7UxTjMzrXlYRQIJnRdfRR1moO54CNoB13sKWamisP5jpGtDKXN-FgXaJXwRPsXMOhd4hcDVooGZ1SaQb7KU0ALQD6MjP0avHu0BuP9PUpSmkajLfZ5UndMUtDqoPgclF6U4V-tCssv-9DiPLT9zu4-BXfJ31xYv013y_QdtFelW9mgk7sjwz2WbiriebVzecWSoExfjW5qk4emI2a6HIeifYX0Q3Oq-wvHuhaepeYyn2zJy5HtEmtB05ai8SILf91lAe4cb3QX7tOgiviQqDZPnTl82IzDTE33HGg9bHOgG4TRGNFFdwLvXiPQtWxzWlg4htZfeJa7tboSmgx9cA7zP11Zl3hILaZjFVwfPjjnD8GCnHw8pFUd-Ouyii-V1o5wm7vD5Opnc1c5b7KRG2LQp_t8xn9i-k4V3cxIQth1UTdSHV-Eb3znAo1W8tOSbQTvQKdCZpo0mYGi4I6YCo_BDScrVmhM6H5nZMp1qTVLhPAyuLqZMFRcsGsfmPSJS4UNKis7v4ezha8fy0SoIFfwJeqD1h_YQleuOZ_9eu2VAf0nWGQToFje1S9rfl2458PlqsmeAQPuN-HLJ0qLI9hHoqrHw5QIMZzeQNPUbuQXu7wHerszIsreAHzzxEgYgMpFs_8y1DPAaXC61gaPxY2tl2vJD5pujLBXTmqtCDunsnswK5kBs_evwKXR4vHNHwxWWu5-Vv59NpXyQybZ-lShbdn2pN1VkHKcu4Esh3cwdCsY0fvQNmUyv4GfdGs8Kr281swqASdTpY0aB2q8HVRmxLSvoqFSuPxX7z4QsGZKVtAfC8XUuhYqaY4hzg8_YiwOf3Vw6yXssApg-bbg2Y9L_F4xk6W8J9u6LOeXQqvunkfYy5x1lYj8Yso4C-_gAI-7xdk-lwfa7fOECTLLewY2l4iCh0Nfo_Y32RJzkMvhi3nYxhIE4fKiQkvLPUUrauHHX3echcliAiDdcMFoBDQuogtOUi13x6xYfnwIRCQzTFThEoKexVm60Hg4VtImPGSyYT8AgPBYtYtvNzeSNWpvSFPA4dyAKUkvknSO259loI0O_5Pew2ShiArpw2108p6eHgMWxka7dT9XAy0cTwCBFIahKocSyH9_FWlr1GAAaBptfNHvVQZvn2wUt3EgRUkk7u1e33FrSsPKKC10DGKEH4j6FuH9astLT9WHyOBl81ixY13ptjsRnfxboZIradmUmF_L8yR2ezw5g13p9SVrpAhl-cGQuVYo84C5Fai_qIsHqjuZPFMJlJSoee5c9c5j5sJCLSdZLPvSYDamIAx5YWys_QYRrMJHDVN_d2GfT2rZMpZ8AzRWs6kjfxEWj2Q0pCqMoTPlotAkdp3n-hnPVxZBeo_pKcQBniDKtSoC_0A-S5fxcEictdsiBZ9OZsO1RG1qyLPCB0NO9LolR8_-rkjo2oY-QRrfSQJ16-QxBxQcgZW4PBNWganmhsLbP7sU_sBNBFF_na7YBuWC8ZgDQwHOLvui18l1X1Wu_hVnFGDaLMww_pLVV2ushRpRGeeQzTVlkT2epZq5fyd5m_Z0GORQkIBME0LmtShnNmGDx0VNy42Bhk_05RArQ1FZCF2SGZ7KMMJB7AdfI2HDP-GQ0_0VB9HRJgy3KRnhUOPw1V5827f3zVnrrA2zRWwgUrXZsj1vA7A0aVAgEEk4AyAmmjXnRt0p0XTp-vHXNMbdG89HmUTxBl-_XPLYj8HI-cqgMp5pSY0QsMp9Lk8Ve1ZcU8WtD9kSU4JR4ByYi207zM5N6MC66gPSirBwYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013061581&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20266420299&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iQWSCTDbot04sD1qipMqnr&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9e0b2962-b786-8029-cd83-7dd05f5ef6a5,c:wkpRpQ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-pwfns,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:7081271c-967b-11ee-bd48-d2ef46662cbe,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_300x250.js
Request Chain 139
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SDtBinw2M2ZSdjl5OUFhQzhtOE1wbWN5UjhEbzFzYThYRHFUNjdtdjErNWV5TDRSTW9CbHcxblRZS3BKU2NOMzBBZFdIM0x5Y0wvYWdlaUxYVW51VVBZNWxEd0k5TEJYZkZCRVlmRFVwUFNqUzBTOG5kQmRrdllpWkcwU25kb2dSeitpMXZkeVFDdkVyTnFCV251MmVHbXdwZ3hCd0xhaVZHb3I3RUo5QzZwU21CaGgxRGFTYUljdlBsWHRERTNLOHFib21Ia2VzN2tUSGdqWm1aYlNZZE5tQU9PbUQ3YW5rTCtZZ2tOelRrdFZ5ckoxUHBZdHd4N2RPd1ZWTCtCcldXRHoxSVovMTV3QXBhZnRtakdLVllIT2hkZz09fA&cppv=2
Request Chain 141
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&C=1
Request Chain 143
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ9hca..DyOYqKWRo9LRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
Request Chain 145
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ9hca..DyOYqKWRo9LRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
Request Chain 162
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
Request Chain 169
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
Request Chain 241
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=NTCP2zaKCSa2Mkbbhj10ZQ
Request Chain 242
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=w0VKy1j-DsG8QHG5hj10ZQ
Request Chain 243
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=GTOAGw7cAq6SzR4Ahj10ZQ
Request Chain 244
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=2_5WDdSIC5iWIkrEhj10ZQ
Request Chain 245
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=bCbRDEwvA7qrEtDYhj10ZQ
Request Chain 246
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xsZN_TkhAlWfkLr0hj10ZQ
Request Chain 332
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGALEdzBSxrZAjaiT0m6BRI&google_cver=1&google_push=AXcoOmRAatgMzL5-SCE0mPSoMCy8EreWuZclpUzwV5BVQB5S1kiXzozwlWOyxJ1hAK53V6fbeXuS4yvIdBfDF9phXdJBgBZRqwU40Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRAatgMzL5-SCE0mPSoMCy8EreWuZclpUzwV5BVQB5S1kiXzozwlWOyxJ1hAK53V6fbeXuS4yvIdBfDF9phXdJBgBZRqwU40Q&google_hm=5eMS7LzyTOO502Vi2ea9C6w
Request Chain 333
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESECxv_Ly0z5cGcr5yJ0OrNXM&google_cver=1&google_push=AXcoOmQIXxJbWMurMrJYDtmzSXGTIfFKdLZmpZTklEEIK14xMOkz8jQTDjZpuU1TwIx6c3JM7eS0bX0kLHd7XDZHSBnBXkX3ieOurg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQIXxJbWMurMrJYDtmzSXGTIfFKdLZmpZTklEEIK14xMOkz8jQTDjZpuU1TwIx6c3JM7eS0bX0kLHd7XDZHSBnBXkX3ieOurg&google_hm=Q1hkM2x6MUxFTDBsU3d1aGxPVGNwQnNRWUxZ&from_google=sp1
Request Chain 334
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJA5ZSJuh7YG2Fn_oIATK3U&google_cver=1&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJA5ZSJuh7YG2Fn_oIATK3U&google_cver=1&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag&google_hm=sqUgHXqOSgClehAzm50yeA==
Request Chain 335
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFkNowyMX3swvACiDVPQRCU&google_cver=1&google_push=AXcoOmQLVdEss1UcDNI3h34IyyLlnj7kxlyz-9ix2REUMlp2ML0z0WMEcg98DepqU5es_V6qEqUoCNQvp3PanKLSmYK1qQeYLqUf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQLVdEss1UcDNI3h34IyyLlnj7kxlyz-9ix2REUMlp2ML0z0WMEcg98DepqU5es_V6qEqUoCNQvp3PanKLSmYK1qQeYLqUf&google_hm=eS1ucGhGbE9sRTJwRnBBZDdYYnpWRGJhc0hVWkdlRlEyYX5B
Request Chain 336
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMo_8ZOKJiAv7qr_EGtojuU&google_cver=1&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG31Alf-OmRErhYg-bp9MmGhLQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMo_8ZOKJiAv7qr_EGtojuU&google_cver=1&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG31Alf-OmRErhYg-bp9MmGhLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYwNTE0OTcxODA4NTMzODk2NQ&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG31Alf-OmRErhYg-bp9MmGhLQ
Request Chain 337
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEE1O7GQM5YjX0BrTURNnK5w&google_cver=1&google_push=AXcoOmQwvFvdGhrCJyF3od6e0QM79R-bdUUpd5MIDhyVcxM5vM-hKRy0-VgnehoW3Xz0-nKxS7uJzIy1LH_QcK4bpZHc_WHiqRcHXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQwvFvdGhrCJyF3od6e0QM79R-bdUUpd5MIDhyVcxM5vM-hKRy0-VgnehoW3Xz0-nKxS7uJzIy1LH_QcK4bpZHc_WHiqRcHXQ&google_hm=M3pSQnhGRnV1d0ZVVkN3ZUlxNzA=
Request Chain 342
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CQQXVhz10Zb2xEoSKid4P-9uDqAfh6KzIdMbE-uf0EWQQASDSzIEaYInzxYT0E6ABvNymmCjIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsgJP0N5F-51FRkn-IVEXhri4xo5GHIHAUdA4oTgu9BA-l058PmHh9Wbn5DzwQ8Z6yXpiu3GX_yst_lXE06YEXQKhmv329taOrP8f-awJPymGEuMSmoyJJ6ca60wjpYlomMVMpQO2C0c3FdnJGk4Hg8jEoc3z-TSrO20QxRoJ8glf50GG67u54DBkEjv8o9VAifsS1MvqsQMxiW45LB4A3Y9g1POS0KWt0S_Jm3n-LqWZTtpE6nBdlYI1pLbOb7J1u0B5yECaqgaHacNSM2NMF4PstolIaOFv-GS0muxyip2Fkngs0Y4rx93TNKCSFyqHWWq1P2GMCkJtWgbYBnt0E5o-JV-XRwjmRW_hzTIZ3tZEgf2z4srwMW2247vKwAuS5SU94qqNc7NUizuaoT-LQiQSzufABKzmzIPDBOAEAYgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDnzgPSCB0IgGEQARgdMgKKAjoCgEBIvf3BOlj17-X-joKDA5oJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKA8gLAZgM5Ln81twEogwUKhIKEOS0sQLutbECtbixAqy6sQLaDBEKCxDAuPyg-_LErsEBEgIBA-INEwjylub-joKDAxUERcIFHfvtAHW4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=ZQRuspLzih4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNRnQZtGik_WmR9C9D3t4TUHQJSbo8ZWDSl6iFlHx_oU4dPGxxEdv3cQlu7ub5mOAAzVf9xzEuGAE&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41f21cd5fe7a41210000000000000000%22,%222%22:%220x1fc0a47e499d30890000000000000000%22,%223%22:%220xf6683ecc5eb8c4a30000000000000000%22,%224%22:%220x69c09a709fa9ba740000000000000000%22,%225%22:%220x4db492ae812a8d420000000000000000%22},%22debug_key%22:%225221659659365310230%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210531050292938958817%22}&andc=true
Request Chain 372
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=uEUWuF9JTXF3JTJGODBmRkJzVWZINXFocWx1NXowQTZWM1dYcnhZSFBrWWZVVlJxQTlzZUVUVUFxUFJxUzMzSG85QWdkYWVWaG14TzhrMEMlMkYzcFYyNnFXZiUyRmxDRGxPdlklMkI5QzRpODlaa3ZLaTNvTTExcUdZRWRHOVltR0QlMkY0THc0ZDJtUndobGloeU8lMkI4THZWdDZSZWZNMVBHQ0ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=WMlJfnxJa05TWWI4ejYrbGE5WTZVZmUvZ2p5LzcybDErcms0OW84K1lsdGhua2c3RU5EU28xT2lEVTE0ejVkL0VHMDBJbjRVNzJqUnJsK2ZUcHpHMHJKclQxRWRpSTdvZlptaFdCS0tTdEllYW1sMlNRRytwSnlpVXRxbEZzZ25hVmQ1NmZDSS94N08rRjQwZmZQTlZZVWRCanQzYVVTQlNsZ1F5Q3ZYcXU3aUltd0wwNFdTdnRFdFpaOGdGQk5RRmxJaHFxb05naUNRTVVUN0d3L0JQTGw4YUNpbytDQWdKZ2k3UlRKdnJlUkFwcFBXb2dzVUZJT1p0OEZjamdUb2hEK1loVWpIQkxVNWN5U1lGaXNMR2sxcnhHUDdYWWdZbmdSZDkrK1Z6SnR4VUo1az18&cppv=2

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gaOWLp
reurl.cc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b8e642516dc8d83ae1e8b5364acfdc7fa6e589703f5237c671591ebe9db5708a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 10:12:19 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cla2.cn/SpY
vary
Accept-Encoding Origin
x-request-id
3b6b30af-2e51-45a7-96e1-8d9104a02814
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 10:12:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
3903105
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700036-NRT
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 05:25:13 GMT
content-encoding
gzip
via
1.1 google
age
17226
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
fc8feb72-8536-48a6-8028-d83a4a364c4a
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		177 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 14:06:43 GMT
date
Sat, 09 Dec 2023 10:12:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
158736
x-guploader-uploadid
ABPtcPpQsXg9lzBT5aOpD9grjhC9iLm1TjYzCzHH0J6yIKiAdthURi_Ywm4EYN5AKr8iJmMJsYiCRVITHA
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42279
x-served-by
cache-tyo11954-TYO, cache-nrt-rjtf7700032-NRT
last-modified
Mon, 20 Nov 2023 09:15:25 GMT
server
UploadServer
x-timer
S1702116740.831439,VS0,VE0
etag
"dc1bad45759bbb89536459f2c34eaa21"
vary
Accept-Encoding
x-goog-generation
1700471725490318
x-goog-hash
crc32c=3IRkSQ==, md5=3ButRXWbu4lTZFnyw06qIQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
42279
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
1112, 109
pixel.js
storage.reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:55:47 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
11792
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
5489c628-f131-4d3c-9ebe-f91ce0a157bc
ga2.js
storage.reurl.cc/javascripts/ 		536 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:54:35 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
22664
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
9173d2c7-e0bd-48bc-b367-046eab52d0e2
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3cff0979ae4453a0f5e09b91417604d6481acb894f3734dbe0dbb5040086a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 10:12:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bcd3b9dd33a70702868257484389dec8761bc8a34a6881491e7a43583c68151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30282
x-xss-protection
0
server
cafe
etag
660 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:19 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 10:12:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
3910133
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700036-NRT
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/ 		412 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:32:17 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
20402
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-request-id
3abe074f-f7b9-4f7b-a309-7a2b3acdfb57
loading.js
storage.reurl.cc/javascripts/ 		134 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:15:35 GMT
content-encoding
gzip
via
1.1 google
age
7004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
c59abd7b-7112-4fd2-ac37-44e4f4141941
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
page.php
www.facebook.com/plugins/ Frame 0F37 		95 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd07581e56231d553bcbc4f77379226b1c0e5d612bdb630e92a41c4df2837620
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
HI76gT3+YnUAFwwFMl5lPY2Q8TLMInMC3kxTMX+VcdtyQkdc5nhUfXZ07vPKVRzM9wGy+O7R0VTg4kf7uGMV9A==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
280555e90833f74ed9c01266459f9e2154a47b4e69e8461e8ab16ad26dc2eb05

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1cb0-4Zcx80RnVJ+6inVfxQuGoybh2h4"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7344
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 10:12:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
uBJTycC1iKb3NuVBXVwOsiVoISFAIw6ZuJ/NfV6667PbiAMncGsRHAubC7Ksu0GRkrx3Mfk6l5hmDGcBTsVZjg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 08:28:58 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6201
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 10:28:58 GMT
1675200226052423
connect.facebook.net/signals/config/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 10:12:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33827
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
g1a3aNDy0gEhJ45GX/elJXNM6sMKZfAxo3nc5zw+VYqhQHA/rZ9aGYF4xVzFemWSr/coznQ8CZmOXqAazpS9Ug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702116739969&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702116739966.159841516&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702116739951&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Dec 2023 10:12:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=29872311&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1284579845&gjid=2001507699&cid=412506686.1702116740&tid=UA-102456694-1&_gid=1108869898.1702116740&_r=1&_slc=1&z=1720186837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=29872311&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNzI&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=412506686.1702116740&tid=UA-102456694-1&_gid=1108869898.1702116740&z=1233932426
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 20:38:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48809
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=412506686.1702116740&jid=1284579845&gjid=2001507699&_gid=1108869898.1702116740&_u=IEBAAEAAAAAAACAAI~&z=1528658625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c01::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
20496
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702116739890&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=412506686.1702116740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702116740&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=474
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=412506686.1702116740&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c01::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=412506686.1702116740&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=1355742354
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 10:12:20 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
52005
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
832c7819fceaaf93-NRT
expires
Tue, 12 Dec 2023 10:12:20 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:50:26 GMT
content-encoding
gzip
age
2229714
x-guploader-uploadid
ABPtcPqPwuEzu9PPlLGY8ZZ2PDopjsULXtIvSx8nzsjudYb98b3MjuWf7TtKmvnDJs72Y4UZuagVXWidtmQjR4u-Z7lYVe7pmDsj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 14:50:26 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
012df70744ed3702a545288659078ab0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:44:42 GMT
content-encoding
gzip
via
1.1 80f9a735214ee6903d0442ea922d2030.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
55659
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ATC0rZokbPWlJvFw_y9lFxt5qfoqZ21MgPj5VLZEQdGHPe-4cKBHcw==
ads
securepubads.g.doubleclick.net/gampad/ 		119 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=176372759853315&correlator=1888711811179063&eid=31080079%2C31080081%2C31079527&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702116740122&lmt=1702116740&adxs=245%2C1005%2C245%2C625%2C245&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=412506686.1702116740&ga_sid=1702116740&ga_hid=29872311&ga_fc=true&dlt=1702116739817&idt=269&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd5b883208737683591b97adc671269d8c2dc5ac6deae83a6cca6fc232ad91cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28795
x-xss-protection
0
google-lineitem-id
-2,-1,-1,6297900949,6297899953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,138432357881,138432362607
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=176372759853315&correlator=1888711811179063&eid=31080079%2C31080081%2C31079527&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702116740131&lmt=1702116740&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=412506686.1702116740&ga_sid=1702116740&ga_hid=29872311&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl5jB8MQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiXmMHwxDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yl5jB8MQxSABSAghkEhcKCHJ0YmhvdXNlGJeYwfDEMUgAUgIIZBIUCgVvcGVueBiXmMHwxDFIAFICCGQ.&dlt=1702116739817&idt=269&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
160c72a1882339cfcedb15b0d425baed9fa9b4d8ee5c5be7bbd878676dddd315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13069
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC16 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sun, 08 Dec 2024 10:12:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mocpogo_01.jpg
asset.re-news.tw/images/ 		427 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:57:56 GMT
via
1.1 google
age
864
x-guploader-uploadid
ABPtcPpwvlvP3yEtfes5HOYA3XfBaMRMIN5mZnH87SrnMD1nPxfxN67v91x-hlEV70iEc0fj9g8wXqDTVXXrwYqwf3BVwg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
437364
last-modified
Wed, 18 Oct 2023 12:58:27 GMT
server
UploadServer
etag
"2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation
1697633907721269
x-goog-hash
crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type
image/jpeg
cache-control
public,max-age=3600
x-goog-stored-content-length
437364
accept-ranges
bytes
1701901342-a3fa804e4bd060918c5127ca4ee031ce-840x525.jpg
img.gbyhn.com.tw/2023/12/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/12/1701901342-a3fa804e4bd060918c5127ca4ee031ce-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0210061ed0a4abc0263a7736faa5eb43cb8126bf3a350a89c49eee5a9db28147

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215116
alt-svc
h3=":443"; ma=86400
content-length
76838
last-modified
Wed, 06 Dec 2023 22:22:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atXmsWfo4htGuOesgceivz%2FlAPcgHV2DjTguoWxtF6K%2BKyIVcF5%2BDnMuxkXIkO1ipmR9QyYfrvDjClO4%2B2z2pR7%2FzDfbLAhYJODsRLYvhKK9QlarnmgW%2Fb%2FXB8LnXRYKboMe1aFWNVaAHZuvE%2FON"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
832c781b6cc280b1-NRT
expires
Wed, 13 Dec 2023 22:26:28 GMT
ESR_Logo_Logo.jpg
mma.prnasia.com/media2/1876479/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1876479/ESR_Logo_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
cf-cache-status
HIT
age
75116
x-powered-by
ASP.NET
server-timing
intid;desc=cbb846fcf3a00f17
content-length
18053
cf-bgj
h2pri
last-modified
Fri, 08 Dec 2023 13:16:21 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
832c781a0c7a6889-NRT
access-control-allow-headers
Content-Type
expires
Fri, 08 Dec 2023 13:16:22 GMT
2023120802095359.jpg
img.racingcharger.tw/wp-content/uploads/ 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023120802095359.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
last-modified
Fri, 08 Dec 2023 02:09:57 GMT
server
Apache
accept-ranges
bytes
content-length
314534
content-type
image/jpeg
2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/01/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/01/2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
3.nrt _atomic_bur BYPASS
content-length
50242
x-nc
HIT bur 4
last-modified
Thu, 30 Nov 2023 05:13:28 GMT
server
nginx
etag
"fe1c2850a81cccd5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sat, 29 Nov 2025 17:13:28 GMT
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 		612 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.149.120.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.120.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sun, 08 Dec 2024 10:03:55 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:a000:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-bz6ff
date
Fri, 13 Oct 2023 11:18:20 GMT
via
1.1 google, 1.1 aa19ac2dc7aac8963b7348f7816ca144.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT57-C2
age
4920840
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5I_Bn79gpSophCdXDFmd1tbmz-QV66nD-dtk_Iuc9am3MvOJLfkN0w==
content-length
253615
wix-tracer
2WhrxaKwv8p2lJNwgKmnBT7r70v
2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
109448
x-nc
HIT nrt 8
last-modified
Fri, 13 Oct 2023 09:02:46 GMT
server
nginx
etag
"ab5b506272fb167b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires
Sun, 12 Oct 2025 21:02:46 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Sat, 16 Dec 2023 10:12:20 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fc3d26f45aff3d8f6b84e1b787a1fd06d2d6cd7da58a88b16d5593b940d816c4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-+72N3SUCmj7OsZUksEM/682XlmU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=412506686.1702116740&jid=1284579845&_u=IEBAAEAAAAAAACAAI~&z=712303884
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=412506686.1702116740&jid=1284579845&_u=IEBAAEAAAAAAACAAI~&z=712303884
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame 0F37 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QZ/F21WCMvVioyUwMJMxZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5281
reporting-endpoints
x-fb-debug
UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:50:30 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 0F37 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEms5HNO4RW/YAm2lY0J/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6478
reporting-endpoints
x-fb-debug
l5RQhyVd8URxzkkmUrIhL+M56zEKkSZ0id7WmGRMbRXrJTsAJE2/YNv19SA89mg3EZ6VqCHNVElAs6c/IMAp4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 23:18:01 GMT
L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame 0F37 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YxGy9ULmNYpse9KBe8qMZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4833
reporting-endpoints
x-fb-debug
I66HsIkWfOkwt07ooyILB/GF/RU9PwOE/2DexBYG5YttEsjc5oQyZesfSpaeAkSXOr5KtuUamni0TN5WaozTjQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 16:55:50 GMT
JS2LsxE-gw3.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 0F37 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Veg+9swSo/ybchlTfP+avA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93749
reporting-endpoints
x-fb-debug
GILntJGFlzWPcAkfpFiCETadOEgFC7qAmnMiwNYjd8KEFZ+OV7kRr8nHL5UYo17PGD7yFZBQnrEzltxNivpk1A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:11:38 GMT
YJcyY7izLGB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 0F37 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qj5bFqqBeNQLu7uSNkxJ/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27471
reporting-endpoints
x-fb-debug
7pUWswxC/faPP6SIN2aiiUUQxamcHXWruFIDOdfiMWgW0/j0h6/LCupP9FtI6bfMa5FkmOrXN8xj48mgaXNtRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:16:33 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 0F37 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
5ktdl38nnKDsn9IiNqlPm0x/hIIGePfp/hs1vcHneiFjH81tgrSqVPa/w2GHGbsT/H6Qts+4gMFfcyNsRe9n8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:21:08 GMT
5iH8lLqlxlJ.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 0F37 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/5iH8lLqlxlJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5d4bd00c93f687b2f1c47656a5dcee22ff87ae4dc205dd7d982d1082532cc29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/PUjyDQo/qxByU6XD7sEBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16835
reporting-endpoints
x-fb-debug
kuRPdnTZE0wgqAu7Ya6Wfh9LejdZSfR8jUCaseZyksrDkcNAxvk8ZuU20BCDH1aURo57GRcUyFXp1As6HkPh3g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 00:37:41 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0F37 		507 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:53:20 GMT
kUrCp987F5r.js
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/ Frame 0F37 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/kUrCp987F5r.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cO3XBqtxUlL4qpnQkU3adQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7937
reporting-endpoints
x-fb-debug
O88ACbMuCfMc6vwIvp1vSyiiF7D2DTMV1/VJ9hFlOEVXQtYKEkijANavF+nfKT9SgZKdf8lSUO0HX4CqekzYDg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:00:29 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 0F37 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
phAMyoOpvbhoet00DvMWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20298
reporting-endpoints
x-fb-debug
V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:19:01 GMT
a5lyNsAxenJ.js
static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/ Frame 0F37 		348 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/a5lyNsAxenJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0Ycn4CdUMcQu52zpN8q4Lw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83382
reporting-endpoints
x-fb-debug
xJ/0uPuH6eBroeGEwsJMwDzR2bFakJbrQgevVXnsOqi8dyyQ6hakXyc4vsayO2GrruWlKrKliDayIVG74Nocew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:00:41 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 0F37 		397 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95634
reporting-endpoints
x-fb-debug
oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:24:12 GMT
qb2Dj7XLRaI.js
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 0F37 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/qb2Dj7XLRaI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4Adm+FXxkwDjHgLJ9sF/4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17829
reporting-endpoints
x-fb-debug
nyW4pDFbyjuixRtKkdd8/1tMamMQWBHb9rOxRUCaNeTPs5odfRh8GKReCYsHmyuNL7tiIBRj3caQCxT6iu7rEQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:14:55 GMT
8ymKMCefWgD.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 0F37 		209 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/8ymKMCefWgD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
30iKdJ7w93p6Ga9jpgjUMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60955
reporting-endpoints
x-fb-debug
q9TXbFzKaCSE8ncbx788ZypFR0zZUoIwUDi49A3p4F8NMBanpwzKYgLF+vUwuwsn/WsxWanzyTdZAA5ktXHbog==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 23:30:26 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 0F37 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
k/Yu4P7DehhOc6HhJ1VTs/0YTUCjF/jB7QpDBMr6Apapx3wP3WarngcdrGvViniqPJLfW/5Fb6A3kfRdQZdMtA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 26 Nov 2024 06:33:45 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 0F37 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 19:20:18 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0F37 		0
0
305964663_450890893727816_1742559653774706626_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 0F37 		0
0
map
bcp.crwdcntrl.net/6/ 		156 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.89.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-89-19.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f7c5a25ee12e00276a449115d2f6148f69f32365dd7af57f8ca2d222bedea268

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.12.235
access-control-allow-credentials
true
content-length
156
expires
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0F37 		573 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 21:03:22 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 0F37 		90 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19700.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010319003&__s=%3A%3A8gf5wr&__hsi=7310535733312729682&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
466a2b83598f050f049b67846837901257419fee715406c1bcaff1d16ffe150c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
lr4EWeALT3pVlUX71IS8dI
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
4qacQCBrPvFGakfLw/d1vsqXyBfGM57uQJbdbcjtxtPckY1fOpOpbXrNeXgG9xytcXhL32m5rOdUOTHIceZ9Xw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 0F37 		955 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1251a26f79546132084dfcf1b0616cbedae57c5560878d70cd4b16e7615bfb5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
lr4EWeALT3pVlUX71IS8dI
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
51or1F3vpgzNnCjWW1489FVakToma6w/f56+y7Wp5sJjS1zVG6zumknOA3QH7NDg0sa2ZsEtDBTuGw1fQ+hdiA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 0F37 		955 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b6b12321b6a55be0f76667bdde586a2c31c20ae62ddc1a49e90f43088cd558c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
lr4EWeALT3pVlUX71IS8dI
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
hPY63DCH3FLqbe2s75McQRvQGj66Te+F++NFZdpRpa/oe6fOUBzdcqgtgzT4Ldg3FlMWJxe56sNWYqc3EgPN7A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 0F37 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
IelIUaaXgpvYzHdmliRgH8JaNZqmB03FG4wBEViLkwuWwSuPoKD7LEwtRa+4SN2rUE6kKUPJ6IpWIR7IlJE0cg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Nov 2024 20:21:49 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 0F37 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 01 Dec 2024 17:51:04 GMT
b03rUpj3fKJ.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 0F37 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pG8ZphjXUfeB/6xAtn+7sQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3454
reporting-endpoints
x-fb-debug
DRdGtH5o58z6Xkn/N2MFJuS7rGjvEI0Xixz49NLzf9FuXBFtimHQo4N7Fnk9RjGe517xC7vX3A7fxbvNkQyjHw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:16:34 GMT
C8LrV2fV5JS.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 0F37 		339 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uzIAFtOVooYStiVL9khrKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74671
reporting-endpoints
x-fb-debug
WFWC+pJi/TmV7uPVZaD2eVVnDg380PeWbtKUfBbFBf8EkriFhYc+AdkB0M3oaAX9U2hBq0B9WCOnjL5WGPJUBg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:47:54 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 0F37 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 18:22:49 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 0F37 		213 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
PaQaxrrG/SwH/VCxoBLUJjuZVRObYZsc6u8gggjVxB+aLLJmRUd1odY1Hhf/Ee68u+Hm63Q7+IpSs0RaVwM7Eg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Tue, 03 Dec 2024 18:38:39 GMT
/
www.facebook.com/login/ Frame 0F37 		0
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 3699 		484 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2a73eeab28aea3cec0383f3b1aff4d10451fce9269b7ee6f6ed926f89bf9895c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
307
content-type
text/html
date
Sat, 09 Dec 2023 10:12:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 3699
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=79e2fd74-05cb-4538-80fe-799c8e1a79d8&ttd_puid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=79e2fd74-05cb-4538-80fe-799c8e1a79d8&ttd_puid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=79e2fd74-05cb-4538-80fe-799c8e1a79d8&ttd_puid=3c0777b7-5d5a-78cb-ec18-75814215a1f5&gdpr=0&gdpr_consent=
date
Sat, 09 Dec 2023 10:12:20 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 3699
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9hMCo5uYAALJ5PbYAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9hMCo5uYAALJ5PbYAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 09 Dec 2023 10:12:20 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.172","key":"ZXQ9hMCo5uYAALJ5PbYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad273"}
X-SO-Key
ZXQ9hMCo5uYAALJ5PbYAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad273
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9hMCo5uYAALJ5PbYAAAAA
Cache-Control
private
X-SO-HostName
m-ad273.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
12
Content-Length
0
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
31.204.145.172
sd
jp-u.openx.net/w/1.0/ Frame 3699
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARbm4ih2LO1Bks8AEDt7OTgH1s8AAAGMThBODg
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARbm4ih2LO1Bks8AEDt7OTgH1s8AAAGMThBODg
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 d21801cab7ccaa4ff7de3d7b9e37921e.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARbm4ih2LO1Bks8AEDt7OTgH1s8AAAGMThBODg
cache-control
no-cache
content-length
0
x-amz-cf-id
ulUXTEKmXd9iJKsGCvVDsirjGgXLyk_7Aq-05S1EGDBjuhr5VbGH5g==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3699
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTA2OGE0N2QtOTQyZC0yNjZmLWY5ZjgtMmYzODg4Zjc2Zjk1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTA2OGE0N2QtOTQyZC0yNjZmLWY5ZjgtMmYzODg4Zjc2Zjk1&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTA2OGE0N2QtOTQyZC0yNjZmLWY5ZjgtMmYzODg4Zjc2Zjk1&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTA2OGE0N2QtOTQyZC0yNjZmLWY5ZjgtMmYzODg4Zjc2Zjk1&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3699
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBERyKrqm9aKL6sNzAYxXQk&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBERyKrqm9aKL6sNzAYxXQk&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBERyKrqm9aKL6sNzAYxXQk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 036A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sun, 08 Dec 2024 10:12:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702116739890&gcd=11l1l1l1l1&dma=0&cid=412506686.1702116740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702116740&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=6&tfd=994
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5333 		217 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY4ezf7gEwAQ&v=APEucNV_diRgBUpxF5Gil3wwiv7vJno6qeHFYUqsHlIEkwntTxe-Vlm2utiPLvaF1jePOJupcXT-hmrYR8KQFBjUFfi-57w35A
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
112
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sat, 09 Dec 2023 10:12:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 036A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 036A 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFsxceOjCl13QbFXaemkot6idUhpM2-XsFGNR58sa_G-AufrkQYWeuJgI4vEv_SBuUdrvpGzwjyoI82RpN-fUtYglDHioUxv_Wn2-Op4xvErCVzw8
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1527247/72330247/xbbe/creative/ Frame 036A 		263 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1527247/72330247/xbbe/creative/adj?p=APEucNXUaxijjchp4vZ03GancbwWtgKZezgyUbnk4_jhYxkzSvIZFoA&d=CokBAKAmf-B9P4R8uc7nJ_0OPGt9WZZtJh7V3rKJedjxbXAfQJ5JYWJHLWgKtGBil5IT4lSML_cPLhUEe4EXYwDw4BkamX4Q5BwLLvHgzNjNsBWDy88d3MmVOvi_rkk3HPjvaw01fhuR9Fa_2XdFrCDsUcG6kcDV3WE3Fm6MOoPAY_SD6vB2SxFaduYS6RUAoCZ_4ADFZsw3UxjQIr5Lb56yTSGfy0gg7EPH9xBzPK1JFubt4cwSGknjz7nUXaCQRXpKw7ntz3__SEGsEi4_TaD4tLPPXr6Qehe5aEvTLwjQhqQKMcNoudEc0HqaPis-e-MwiuDJd5t7l1wrIP-jd96xbUemYuBon3ypTXihLZO-uxufJNXoqtW4Ko_iiD3lDgeu0o2xTSSKCjvaJ8cUmPbBeaQicAWR59v1gjXtpSefG-EUjySRb91YjGb6sgw38tj7jvFb2ZGtdDm7KVKmjE0gA2KR_l8Wb-ZXCZQXiBC8vrrMqAdbgHMQyyDSF4f-JPdmKQ1WEM0YJUPG0xOPE81JXrBhPVIreyCR9KKpZJUV3cnQaRzFmIStkiPYGHURA5aTenXR_SzHyNRHkoOQWpX0YoirQ2VX8vYeMb71R7mxk2MnXHrs4O7-YE0F9hytTSY467rx0PiPrE9fNazvpRSt9ipwf3WuBRXRvsX86D60xq9j1uT7MT2_C6m2TxkjUZubW85L37bSq3K9F-koS6-MMMPQmaXDmLQqKrfk64-FOAX-5Cq5lrMAy5FKKJR47Yf9uDUFiD60Vne8NEjX3r1-6YjphDvMWg5tfZYkA3-L87I7tK7AIpBENBMmfEh8A_IyM74HA2sHC2wn9lDf8L7YeRA9tVtL_IO7R_dO0L2s6B90xGfyvjpZaK33V550Nt83sBAq9T0N7dvv-m1bHuBHlRQ4a3x9KVvJLOXpf8F1OxuzUkDFfwKVMe2VWVhwMJn3HvLXXYgnTLiIlU48wPRdv-sLhksheiCyLT7zQ_s_JbPvEpowe3rLgmmf049KFlBoDxWAOxoaPNwxdA4khbtZqnwcxEZrlGW79SUoBSSuOwEk2_OLmOAWOUyHo5NjaTNOLSAtJKdmsjY2sfcKqJh_YvySi9Xt42sbyWaysWfn_TYuO4qIBkil3z4FIvGNBNfsX0mdtznNAHOJz4tFMfceSfANcGUnNDaz8FAtHr-NmwGQEEasEornJmBceS9ulSIr8NJfNFWtRwY4no7jcLvHkJb9mBE1f401MROIV6yVdFP1WcmMlON4zNrn1U4U5o7z0vSHAUDGjoX162QIW854XaTc6L48POM26_Xp1ue2az8bxhzkD3AUcNGyESWqTCApE8JNlivl0v3N0SKat7hGdvcqYBZH0CI2F4IXJhsKhGyIZDOTorXH45ecgWKFJjAdE7u86DVrTStkSaGfm5JOOWoSvt0c_RqfBlXKi0XAP2frIwWW33B7iRvOgLgzz8qwhw_PSu3VShO_8qBLbvAFoadxHr5t6-3q2SZH_BE_tOjV7QqJUO9vzX3CNQWgmYPH4iZJu9tJ1SBhtRQNyGsdGJnDesq6oNO_nbry77zhgZbJd0Kn2wOJw95T1MQ3M-n35qe9zbX4eyLdchFxRSQa_QHcTUIIRhwscBCCMMDDPS-13Mshy1wVKDsAzLrJAx6EbuG3G9tbFvSLJRK1RL1k0g8JD4QgZyC13hTMV4xOatGfWJ4rjyae2BImpkJA9YbzdXCFzTdSArJ6ZXeQJ-q9UXu7l4TO-kPNF41FQyXVHVir3PCrqKh6QRlGVXgm4UFmfY0KfafMxUk1oSTYg6saCquJf2AbRjWCE-ctOuWbXvZ9vPI4P7LmCZ0Cw9tyiTFmlQ7Xg5yIrzu5xhd_MZRIdE_6S4IFA7IVfUwcNyUUizdpGuLSttSJMnvZpGxbJesGVacnAF3ApDN2du6kYzfbc3WkiyUCGNozknp4S44SZeB9G3ihGCU9XNyFcHAjtTo-XZ70YvEjVuAIvZUO2eN3Z14_VMWeJ8L1RLAqPqEVpfFlxjuUaL_rYYoqNoHIAe1onRssKoDQKMps0A3H0ThBWh67vvev7rdqESB5AFs3rUOdqJMl_OLakjQpZhW7nDAx4EaOHzWJMxxGcWApOt09JAN6W2332mYqREGLwcx6oFd-geIi1IN49LZoh5dOSyLrHha8kTuexz18dkgANIQj_LV0PRVvrdm45Efbe63AZYMckB0Q4c6o7y-4IX7gU7UxTjMzrXlYRQIJnRdfRR1moO54CNoB13sKWamisP5jpGtDKXN-FgXaJXwRPsXMOhd4hcDVooGZ1SaQb7KU0ALQD6MjP0avHu0BuP9PUpSmkajLfZ5UndMUtDqoPgclF6U4V-tCssv-9DiPLT9zu4-BXfJ31xYv013y_QdtFelW9mgk7sjwz2WbiriebVzecWSoExfjW5qk4emI2a6HIeifYX0Q3Oq-wvHuhaepeYyn2zJy5HtEmtB05ai8SILf91lAe4cb3QX7tOgiviQqDZPnTl82IzDTE33HGg9bHOgG4TRGNFFdwLvXiPQtWxzWlg4htZfeJa7tboSmgx9cA7zP11Zl3hILaZjFVwfPjjnD8GCnHw8pFUd-Ouyii-V1o5wm7vD5Opnc1c5b7KRG2LQp_t8xn9i-k4V3cxIQth1UTdSHV-Eb3znAo1W8tOSbQTvQKdCZpo0mYGi4I6YCo_BDScrVmhM6H5nZMp1qTVLhPAyuLqZMFRcsGsfmPSJS4UNKis7v4ezha8fy0SoIFfwJeqD1h_YQleuOZ_9eu2VAf0nWGQToFje1S9rfl2458PlqsmeAQPuN-HLJ0qLI9hHoqrHw5QIMZzeQNPUbuQXu7wHerszIsreAHzzxEgYgMpFs_8y1DPAaXC61gaPxY2tl2vJD5pujLBXTmqtCDunsnswK5kBs_evwKXR4vHNHwxWWu5-Vv59NpXyQybZ-lShbdn2pN1VkHKcu4Esh3cwdCsY0fvQNmUyv4GfdGs8Kr281swqASdTpY0aB2q8HVRmxLSvoqFSuPxX7z4QsGZKVtAfC8XUuhYqaY4hzg8_YiwOf3Vw6yXssApg-bbg2Y9L_F4xk6W8J9u6LOeXQqvunkfYy5x1lYj8Yso4C-_gAI-7xdk-lwfa7fOECTLLewY2l4iCh0Nfo_Y32RJzkMvhi3nYxhIE4fKiQkvLPUUrauHHX3echcliAiDdcMFoBDQuogtOUi13x6xYfnwIRCQzTFThEoKexVm60Hg4VtImPGSyYT8AgPBYtYtvNzeSNWpvSFPA4dyAKUkvknSO259loI0O_5Pew2ShiArpw2108p6eHgMWxka7dT9XAy0cTwCBFIahKocSyH9_FWlr1GAAaBptfNHvVQZvn2wUt3EgRUkk7u1e33FrSsPKKC10DGKEH4j6FuH9astLT9WHyOBl81ixY13ptjsRnfxboZIradmUmF_L8yR2ezw5g13p9SVrpAhl-cGQuVYo84C5Fai_qIsHqjuZPFMJlJSoee5c9c5j5sJCLSdZLPvSYDamIAx5YWys_QYRrMJHDVN_d2GfT2rZMpZ8AzRWs6kjfxEWj2Q0pCqMoTPlotAkdp3n-hnPVxZBeo_pKcQBniDKtSoC_0A-S5fxcEictdsiBZ9OZsO1RG1qyLPCB0NO9LolR8_-rkjo2oY-QRrfSQJ16-QxBxQcgZW4PBNWganmhsLbP7sU_sBNBFF_na7YBuWC8ZgDQwHOLvui18l1X1Wu_hVnFGDaLMww_pLVV2ushRpRGeeQzTVlkT2epZq5fyd5m_Z0GORQkIBME0LmtShnNmGDx0VNy42Bhk_05RArQ1FZCF2SGZ7KMMJB7AdfI2HDP-GQ0_0VB9HRJgy3KRnhUOPw1V5827f3zVnrrA2zRWwgUrXZsj1vA7A0aVAgEEk4AyAmmjXnRt0p0XTp-vHXNMbdG89HmUTxBl-_XPLYj8HI-cqgMp5pSY0QsMp9Lk8Ve1ZcU8WtD9kSU4JR4ByYi207zM5N6MC66gPSirBwYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013061581&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20266420299&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iQWSCTDbot04sD1qipMqnr
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.211.183 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-211-183.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
47359059b0b29b8fc52c56402079fbba06ef266e5dc9870118a3a46b8a2f1b00

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 036A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 036A 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 036A 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:20 GMT
/
www.facebook.com/login/ Frame 0F37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
S8PQhEHV9PKPUdmgKHJmiX4fGCQEUlYCZs3B3RvXua2ERxCOTDEHxmpGuLr2nnNT+u719Eu+uDxvuhlRfqfOfA==
x-frame-options
DENY
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 0621 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
server
Kestrel
server-processing-duration-in-ticks
388560
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
pixel
cm.g.doubleclick.net/ Frame 5333
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY4ezf7gEwAQ&v=APEucNV_diRgBUpxF5Gil3wwiv7vJno6qeHFYUqsHlIEkwntTxe-Vlm2utiPLvaF1jePOJupcXT-hmrYR8KQFBjUFfi-57w35A
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 10:12:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 5333
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMGE3GrT9I23g19OprFo5NU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMGE3GrT9I23g19OprFo5NU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY4ezf7gEwAQ&v=APEucNV_diRgBUpxF5Gil3wwiv7vJno6qeHFYUqsHlIEkwntTxe-Vlm2utiPLvaF1jePOJupcXT-hmrYR8KQFBjUFfi-57w35A
Protocol
H2
Server
2001:df2:a300:bbbb::136 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMGE3GrT9I23g19OprFo5NU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 036A 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=593517642411&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 036A 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=593517642411&version=m202309260101&ct=76&x=1&cor=8329352663281284000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 036A 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhzCNsZVnijAw43er9bWh4xIHJ7Ne6XxVKHBZL8rIsYWGWNZauwZRx7zQZuisAQsiCfSAnfnRc7jjH_kIT-Ct0dPpD86i-B_2O6Onj9bI4CkGRuT_BZBggNakvkk6lnFCe5DQlnoAcibKc5BPCC8z5G4669jEST7eNgoSHLH0mVzCXKTI&cry=1&dbm_d=AKAmf-BMs8qAz6JZ4s1lU-Uj2S3luxb8XUoY2cXqD4UA_JZftJo-PKiHtU7NsZyUuXTOJ8DkkEEjlSObz-Ygu7YmWWuA_43cKuH7vOb_nGpI405bR96t4uQgpOJh2RaMG0JRy1mGn-CamCeWBYix0kLGoJjWCckROzcAxMDqYgGs3DdmD1evTNWPfDjWW_vHxTfCzWAStWhL-iZAkxCbFTITtOhSzdRvoibBwcSk9p4p7vb1BUehvDIBDu_LL-Si8TMeAe7L0wsOIVEJJ4m-301O2tJlBY_iuoNXINZIOAbTWBZPz9Vaqz8v2xoc-obzVYhxokW7E9MfWyPs1NCcQMLdS2cXfrT7jIw4WMYid4N8XeLTFK4LS9C6eJzJsvuLj1lliak1Nj23TD92V-OqTMz8_-gF9F2x3qQCEqcXE8mg-Ml4nQnra1550jdfNpDBDV3gkqEGPi7ll1-POVOnI46sutncLDAty6zb-O5ZtwfO6JJ51ZpH5PmYTXt_VCkdBuKXEi3C7m-6RZxLX-x-0oEbe1eTtIEbzTm-xwunvqPpcE2pCJlCO75JtOZBqcMuVayhGVOWuTbnT7MhmjsjV6slTJQ0m95sgf98v_XnUQVc4mFkG9YBm_nHRRILOUgh3QZBgZ2jp3xobfm-Z_oTkPVh9gC5KJ71VrfnQy52yYK0G50LjSLw6oguuPFHjqLi2lAf5tEXMzAXchyHWm6kPmaxKrehc3eFL5wy3RQCmolfWlLtuSH2zdqw7hPz-8qrCmJLJedu8zQyic3StTItF1uhv2zeh_AW1ZFTQ9rYP2klS-7TtWU4PCRIQHG8WDHxqfaO-dDb092TLXKs2kMAT0-Np90LQajBN3E-D_nz2VbhvnCXORTW_jBW_dcD8k0LZRxGNZJu-lo0rrv7UA1e2yjF9i7jwDreCk5hYVTIlTcQHIlnf4LKGmIDmQUMguiceEmsIOI51V5WlEza6sIz4Q6WsH90ClUEZKEQZCeOd_PgJnJRWQV7r2kXCwMcjgI820epmHxrjA6YIeSivRz1TSuCG1ype9r0SbzWM9kkZlWABz6lT5H7eSjSPEzBIGPq8JwY-5ECU4eCryMbnsMZs60rWDMOCtUZWxg77Bva0pyjKlgH0EKLwJKAgwNJ3qtdO_F0SCV-arTNliD_b8LxoOAHSKi_jSR6hLZk5w8s-aMTsrJwmHWSkWRvYX2CJXcxk1FzbZnP0nKrMbO81ffN0Xa8OrLjgi5m6y3MCeRBVzAee40KAEmKmQ9fXIvMD8nd-TH-XQMa1kPT2Z3eUn_e6Wm4CcqUDg3dML8TruEHr3Oa9CHZNwyipv08CkyPDWxH7bEvQokz1dOXXtQCIpP2g5uALsxFuh9Umg2wTAWJsCJ5GkVJOIzRzdTkhfQq2IGPMtLsG9HYqbHe_Z2P2LuGjMlXtpfdjhbkwOMyHyPabOO0dAAbKF6lHd25e90ce8_QOHECJq41Vb4zhw_oiBalWj2eInllPIIQ3pLl9pxjGI7gtHFzbJs3Qrr2NLwmqXIar7Feo9JqyfeDa6s1Vp7KPFCzpFASGXJP2R4xYlExsImd2izVEXOGHzolLAL39dyfThHBp3aAIFZ_xWIlYF4tAOoH9pxptrHkBl7FtY7lAxW2Pg3FpdcLG5CtbLl3W50HgeJSGZEnVUyavMcibHZOj2K4grkTknGOuRxQc-x5cUrv3LDcdXt5Pj5zzjDQAvTVFqJIWCVgcJYTscjQV7-NhuFQHG6aG_cyTGI9XLYyaMyKhM7cTRkliWPgg2EkDytZRm-qxtiWHDfzfci7UCUdhBl4mRrf5lykWwcf5lZPTWTJNw3eG6z9WmcVfIRFbS-tmICZEK1bKW3riOwhJShlsRRoj2MrkS0JZ1IGMMvkZF2Hyv7uw7u93zgwiEzPeGfnFqEX-avaODk5h3aphcN9bpVVxaR_HvsUuTdWRXsEnLYxWdz0IS_n4V52zevScD5fO1Afu921WNHrl_fdmdFN8BHAuxePEkflOB5L0HtSfwTjQFuvQ3_dDbMD8MlzhRLj0tXJJl-6RPtZ8yqXPTaW0tRmIcKgzussyhFFkBBOMuchoXTLL7Kne7WTmA4dcebQaExG8GF6jdzp7FtRhV2lZnmiiTZH5jRjHHoalDZ8mBWcog2HwdZGyDbFK4641gw315SHKM6mMevy8W2SPoLh7D55RH1iVm1lUDe10Ax7gXSVsjeg5gOclIJIx_5cRQWhYfTFF-bovxAWVwlkQoDwU6EbjqVQ_6vqUYgMLWMi54-4P4Ski2TUQNVZmaYmB15nudFU8SnSDH9udXSWTVJVlTMfE8_9xPYnDCUxS4YDxn0q1zkqDLsC76iTcmhcBwaFKvnCh474-YRrBC-J_AmksEeCf6V3OKMdWQ5gOfH-wGGmG68pzOWKM4mIzpLkFFFkhKYdzWTi7wiwPtRbRJ-d4YX6-9yrIltIwM5G05zyz39srh9wKCNofso9L4E0stTv8R8FeGVobij28-n72iLbEeLBL3kZwkoKeytwqGZRyJi-2riby57XQwUrsLRMmPW2pQJHRKJ0LCUkiuHoimgwnAXC5p46pQJhX6vXvSeJbCcO8V_cACRMeZKv_RHWkR-8i6wH077dmCa7QexQANflKOb-F1v_qRsXkx6LDDqO15eExpkT154Vkmh0oWJ6E32F6MBbFoOi6f6pY4h0Lq6-lv1CQb2fsuAFKQabDBarUzbibidu9cwqwEBhELmM38K4eDxpl_pjpnbOh4JR9xEQwevfOtb3bC_QLyBs9zvRmJfhl-EJFOImpUIgrr3LI7M3_eeBcOPbFkMxXyWn6sDwHch4vSFy2ux6M-8P12gJpgXtdXHzqaXljweLYc6Ish1TGu4pAOtWZ84NHEhSiQOapHBHqwzpgvazfEQTdDob9iakUm9o7OwT02vBA65DwYFZSuuiXvYu9r6LvMXLCQx2ZrWaYouZsNBOr2tMVIEnxYEr6i4YObpUau-u1WygJa5CEG2FuTfbK_-oFTpkoqH7Ju0UlYQGQqqFG5bXzXjjvkT6gAvwIXxakCyyhQg_fgEnH4YciTC2mIJ63QiQAYAn0pZa1jdZbYPShUIXo0oxXEoCuiji5KHO2zb1t5BbOQp44gAdfHowbIH7eJy9mzWba-H82UVyokLbYcqSe_wzcD1dssrPTTrCr2OIWuhCtkP5MavZRywTTQo9J-p0SEvdV0DCwMg9ptwbqnJAyr7v-m6ZjsxliAlVWWtdt4Cf8k3okjW8W5TU7l5vC4HKqlsSCvS1FyPUWCuPhQ&cid=CAQSTgDICaaNedG3SnRdOn68dc0xt0bz0eZRPEGX79c8tiPwcj5yqAynmlJjRCwyn0uTxV7VlxTxa0P2RJTglHgHJiLbTvMzk3owLrqA9KKsHBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=8329352663281284000&adk=250412561&idt=143&cac=0&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75d5f53cffb1a406e6096a7ba6cc972337014c9b055842fe71dc7e7314dbbfe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12355
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1NMA3KFv_pn.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,ja_JP/ Frame 0F37 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,ja_JP/1NMA3KFv_pn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6604d53f95876c8b7cabb0609501f5b453662e925a10a2e8002ecf3df5858439
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ezGDj5kiP5CE9Y1p9bUbww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6352
reporting-endpoints
x-fb-debug
fqqA+KyUjztpf9yLiGyq5gSGUQ6M2Gj6PN+tRP/VsMQxz0guTRLWAU29W+4fsdCOyBX3MEGRgB1PgcJtJbDr8w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Tue, 03 Dec 2024 00:42:15 GMT
truncated
/ Frame 0F37 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
52LYZIhy45E.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 0F37 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/52LYZIhy45E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
C2gh+uM0z58qULSGo8hJKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15948
reporting-endpoints
x-fb-debug
mqWL48wjgt1FyNZRvlejObhZzQAeJLUMi27O+3tKKyxohGJwKyapdK6nQYjjdRyzzgv8folI9vdDNdhS+5sbAQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Nov 2024 21:16:33 GMT
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 0F37 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9fmJr3THTP07qrIGN3DNCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2755
reporting-endpoints
x-fb-debug
HMaNtlbuCjQPb7EmW1j/VRg1zZmIGUS5Ky512yFhYQDsuGshkqxejSN/VEVnkq74Jc2IaOQAsaIe7N+BOCFXIg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sat, 30 Nov 2024 16:08:04 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 0F37 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
reporting-endpoints
x-fb-debug
Lr2tatQQ2pAfLRBI7lIWSfa05UyW82wJJy6OUNTQbHSv+Y6xQ0nj7k6xuNcJhuqk/DQfSyLhWjQunM+PK3YEjQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Nov 2024 22:18:30 GMT
305964663_450890893727816_1742559653774706626_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 0F37 		0
0
10041237451703642184
external-iad3-2.xx.fbcdn.net/emg1/v/t13/ Frame 0F37 		0
0
9383379062544900719
external-iad3-2.xx.fbcdn.net/emg1/v/t13/ Frame 0F37 		0
0
377339650_120200301975300248_5194458254965859906_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t45.1600-4/ Frame 0F37 		0
0
377987026_690579996425570_2654391587099280527_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0F37 		0
0
bz
www.facebook.com/ajax/ Frame 0F37 		0
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 036A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhzCNsZVnijAw43er9bWh4xIHJ7Ne6XxVKHBZL8rIsYWGWNZauwZRx7zQZuisAQsiCfSAnfnRc7jjH_kIT-Ct0dPpD86i-B_2O6Onj9bI4CkGRuT_BZBggNakvkk6lnFCe5DQlnoAcibKc5BPCC8z5G4669jEST7eNgoSHLH0mVzCXKTI&cry=1&dbm_d=AKAmf-BMs8qAz6JZ4s1lU-Uj2S3luxb8XUoY2cXqD4UA_JZftJo-PKiHtU7NsZyUuXTOJ8DkkEEjlSObz-Ygu7YmWWuA_43cKuH7vOb_nGpI405bR96t4uQgpOJh2RaMG0JRy1mGn-CamCeWBYix0kLGoJjWCckROzcAxMDqYgGs3DdmD1evTNWPfDjWW_vHxTfCzWAStWhL-iZAkxCbFTITtOhSzdRvoibBwcSk9p4p7vb1BUehvDIBDu_LL-Si8TMeAe7L0wsOIVEJJ4m-301O2tJlBY_iuoNXINZIOAbTWBZPz9Vaqz8v2xoc-obzVYhxokW7E9MfWyPs1NCcQMLdS2cXfrT7jIw4WMYid4N8XeLTFK4LS9C6eJzJsvuLj1lliak1Nj23TD92V-OqTMz8_-gF9F2x3qQCEqcXE8mg-Ml4nQnra1550jdfNpDBDV3gkqEGPi7ll1-POVOnI46sutncLDAty6zb-O5ZtwfO6JJ51ZpH5PmYTXt_VCkdBuKXEi3C7m-6RZxLX-x-0oEbe1eTtIEbzTm-xwunvqPpcE2pCJlCO75JtOZBqcMuVayhGVOWuTbnT7MhmjsjV6slTJQ0m95sgf98v_XnUQVc4mFkG9YBm_nHRRILOUgh3QZBgZ2jp3xobfm-Z_oTkPVh9gC5KJ71VrfnQy52yYK0G50LjSLw6oguuPFHjqLi2lAf5tEXMzAXchyHWm6kPmaxKrehc3eFL5wy3RQCmolfWlLtuSH2zdqw7hPz-8qrCmJLJedu8zQyic3StTItF1uhv2zeh_AW1ZFTQ9rYP2klS-7TtWU4PCRIQHG8WDHxqfaO-dDb092TLXKs2kMAT0-Np90LQajBN3E-D_nz2VbhvnCXORTW_jBW_dcD8k0LZRxGNZJu-lo0rrv7UA1e2yjF9i7jwDreCk5hYVTIlTcQHIlnf4LKGmIDmQUMguiceEmsIOI51V5WlEza6sIz4Q6WsH90ClUEZKEQZCeOd_PgJnJRWQV7r2kXCwMcjgI820epmHxrjA6YIeSivRz1TSuCG1ype9r0SbzWM9kkZlWABz6lT5H7eSjSPEzBIGPq8JwY-5ECU4eCryMbnsMZs60rWDMOCtUZWxg77Bva0pyjKlgH0EKLwJKAgwNJ3qtdO_F0SCV-arTNliD_b8LxoOAHSKi_jSR6hLZk5w8s-aMTsrJwmHWSkWRvYX2CJXcxk1FzbZnP0nKrMbO81ffN0Xa8OrLjgi5m6y3MCeRBVzAee40KAEmKmQ9fXIvMD8nd-TH-XQMa1kPT2Z3eUn_e6Wm4CcqUDg3dML8TruEHr3Oa9CHZNwyipv08CkyPDWxH7bEvQokz1dOXXtQCIpP2g5uALsxFuh9Umg2wTAWJsCJ5GkVJOIzRzdTkhfQq2IGPMtLsG9HYqbHe_Z2P2LuGjMlXtpfdjhbkwOMyHyPabOO0dAAbKF6lHd25e90ce8_QOHECJq41Vb4zhw_oiBalWj2eInllPIIQ3pLl9pxjGI7gtHFzbJs3Qrr2NLwmqXIar7Feo9JqyfeDa6s1Vp7KPFCzpFASGXJP2R4xYlExsImd2izVEXOGHzolLAL39dyfThHBp3aAIFZ_xWIlYF4tAOoH9pxptrHkBl7FtY7lAxW2Pg3FpdcLG5CtbLl3W50HgeJSGZEnVUyavMcibHZOj2K4grkTknGOuRxQc-x5cUrv3LDcdXt5Pj5zzjDQAvTVFqJIWCVgcJYTscjQV7-NhuFQHG6aG_cyTGI9XLYyaMyKhM7cTRkliWPgg2EkDytZRm-qxtiWHDfzfci7UCUdhBl4mRrf5lykWwcf5lZPTWTJNw3eG6z9WmcVfIRFbS-tmICZEK1bKW3riOwhJShlsRRoj2MrkS0JZ1IGMMvkZF2Hyv7uw7u93zgwiEzPeGfnFqEX-avaODk5h3aphcN9bpVVxaR_HvsUuTdWRXsEnLYxWdz0IS_n4V52zevScD5fO1Afu921WNHrl_fdmdFN8BHAuxePEkflOB5L0HtSfwTjQFuvQ3_dDbMD8MlzhRLj0tXJJl-6RPtZ8yqXPTaW0tRmIcKgzussyhFFkBBOMuchoXTLL7Kne7WTmA4dcebQaExG8GF6jdzp7FtRhV2lZnmiiTZH5jRjHHoalDZ8mBWcog2HwdZGyDbFK4641gw315SHKM6mMevy8W2SPoLh7D55RH1iVm1lUDe10Ax7gXSVsjeg5gOclIJIx_5cRQWhYfTFF-bovxAWVwlkQoDwU6EbjqVQ_6vqUYgMLWMi54-4P4Ski2TUQNVZmaYmB15nudFU8SnSDH9udXSWTVJVlTMfE8_9xPYnDCUxS4YDxn0q1zkqDLsC76iTcmhcBwaFKvnCh474-YRrBC-J_AmksEeCf6V3OKMdWQ5gOfH-wGGmG68pzOWKM4mIzpLkFFFkhKYdzWTi7wiwPtRbRJ-d4YX6-9yrIltIwM5G05zyz39srh9wKCNofso9L4E0stTv8R8FeGVobij28-n72iLbEeLBL3kZwkoKeytwqGZRyJi-2riby57XQwUrsLRMmPW2pQJHRKJ0LCUkiuHoimgwnAXC5p46pQJhX6vXvSeJbCcO8V_cACRMeZKv_RHWkR-8i6wH077dmCa7QexQANflKOb-F1v_qRsXkx6LDDqO15eExpkT154Vkmh0oWJ6E32F6MBbFoOi6f6pY4h0Lq6-lv1CQb2fsuAFKQabDBarUzbibidu9cwqwEBhELmM38K4eDxpl_pjpnbOh4JR9xEQwevfOtb3bC_QLyBs9zvRmJfhl-EJFOImpUIgrr3LI7M3_eeBcOPbFkMxXyWn6sDwHch4vSFy2ux6M-8P12gJpgXtdXHzqaXljweLYc6Ish1TGu4pAOtWZ84NHEhSiQOapHBHqwzpgvazfEQTdDob9iakUm9o7OwT02vBA65DwYFZSuuiXvYu9r6LvMXLCQx2ZrWaYouZsNBOr2tMVIEnxYEr6i4YObpUau-u1WygJa5CEG2FuTfbK_-oFTpkoqH7Ju0UlYQGQqqFG5bXzXjjvkT6gAvwIXxakCyyhQg_fgEnH4YciTC2mIJ63QiQAYAn0pZa1jdZbYPShUIXo0oxXEoCuiji5KHO2zb1t5BbOQp44gAdfHowbIH7eJy9mzWba-H82UVyokLbYcqSe_wzcD1dssrPTTrCr2OIWuhCtkP5MavZRywTTQo9J-p0SEvdV0DCwMg9ptwbqnJAyr7v-m6ZjsxliAlVWWtdt4Cf8k3okjW8W5TU7l5vC4HKqlsSCvS1FyPUWCuPhQ&cid=CAQSTgDICaaNedG3SnRdOn68dc0xt0bz0eZRPEGX79c8tiPwcj5yqAynmlJjRCwyn0uTxV7VlxTxa0P2RJTglHgHJiLbTvMzk3owLrqA9KKsHBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=8329352663281284000&adk=250412561&idt=143&cac=0&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
329035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
passback_300x250.js
static.adsafeprotected.com/ Frame 036A
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1527247/72330247/xbbe/creative/adj?p=APEucNXUaxijjchp4vZ03GancbwWtgKZezgyUbnk4_jhYxkzSvIZFoA&d=CokBAKAmf-B9P4R8uc7nJ_0OPGt9WZZtJh7V3rKJedjxbXAfQJ5JYWJHLWgKtGB...
  • https://static.adsafeprotected.com/passback_300x250.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:20c5:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 02:57:01 GMT
x-amz-cf-pop
LAX3-C3
age
112521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
B0xiiXxB3NT3uEKr0jZBk832wO9XrJd2tZLsWm1eRDQiH5XPIK_wJQ==

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
server
nginx
x-server-name
app03.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame FE65 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c5:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:36:21 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C3
age
12252960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3WS2tJ6KajQTese5usXaXtEddX8KBcjQfc9Y93UGf7tV7MX1zwy-KQ==
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpRqh,pingTime:-3,time:45,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&br=c
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpRqi,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&tpiLookup=ao:reurl.cc*&br=c
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpRql,pingTime:-2,time:49,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:273,beZ:274,mfA:278,cmA:279,inA:279,inZ:283,prA:283,prZ:287,si:292,poA:294,poZ:316,cmZ:316,mfZ:316,loA:320,loZ:322,ltA:322,ltZ:322%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:19,sinceFw:29,readyFired:false%7D&br=c
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F8F9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
224865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F8F9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8F9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYB2lhD10ZeK2Mafns8IPs6-tyAoAAAAAOAHgBAI&bg=!h4SlhMvNAAY3kmNgF5I7ADQBe5WfOOV6RW2RnbqKbc7cX-AvZH8GDc_l65erxZu4c775fC3CK5jj3qeaEdksEnBKez1UAgAAADhSAAAAAmgBBwoAD0kwRSvBpCt0TnbR1Va3OZkDLijYjCusjctEQnrA__tZg5KCE2TZTnBNoG8jnMW-hE4jPsFV_C2n4Cq9jfkRZ-HO9l9cgU1x27uH50lRZdBM8zMbyTOLm0ahVT3NUd9prqJn2MxO7auPgZF52SoZBrhjNrYYFcrHVLYFNrEzw5k3x2aO6U9-bN3_z6QfLbEjPiFNSSx8D15goGS3osMxreLdNgjLQ47eKApZ4dGPbcigusfiPmcczOtEi4zuAs0Z67bHUaUqKaWb6nq7R1_2lFhk2s62BqT5aQQqaDyw68aCAUcR6uGDhIvpertAMWI-jej__HBGVsIk8YnKHfKSJntM-WB1GFj-DOllJ-IsoiBYEQeAzbKjGbnFcjTwCnhYuDBkSE-z3LuK5O0UdRBFRrnY3PLkQINm1rSKWnddVJNq98EQAi3WsYOZKvD9BgxqgGNxoohGY2iF7jcDuQMj6shaYcKqbB2DGL1PgsfbWQnxh5uzDMg-O2e-RDV8tHshVNx3ILuMHMrsgpBgKP8uLR04RzAOYmrgw9j7iYZ_ZwlI2JiAOryGljMjy8FfNbywhiIr6nOzRflaERetMnfGb-nHEwqDgu-bOKKaUDi6LfSCOt0yeC27j7T6N2jt94izUe1pkG42Z90r09KWMF4gbHKPoj1h3mTkfzY1Q81bCMXHkVMwUIsSjwRdjiYgB2JeIpY4OUKXNkrCnXTmPCYn25cxWieuF2uvbZK-yWvR8ZsytRYZRljWr2eLNRZzsvoshWSElCZCCKf185CA5ulCFWn5NiTVVp99rd1uJ_iG-Z5yiEp7GVdF-eji38YYglUEU01Xjfwx0oyocHnr5Q76IxTpztEo0NYd-KdWWLXPwUB2X9Q_jmkAb8aaehToJhzfC4L3yR_hvmmVBNIGKFlcw6NqvduD46rn1Xjjm9qFedccjmEh6A4Fdt5y0hjG8qdpCnfz-1wncR9vQ7aPE5QAvzAAb2lpcLx-hI0YpTGO_DgrMZxkJ8rxzbBGF7w2PT1N_wBUNFlb_4RfghpmjkkhCDmHrdrSqHjs6hkk4xf9VXDvGvbkLaM2tTKpcxDNcMaJcPAv1Ll3kSf97CPDK49Yks4
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3F2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sun, 08 Dec 2024 10:12:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5613 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:20 GMT
expires
Sun, 08 Dec 2024 10:12:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D602 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumjfAYaWbwCaTZiBnaSoJ86NOQjffkXZgjWXzPwInG7OjBEtvLbSEe85ZJUfJx53kfy_VK7m8zbOdkNUENQjRve4EZUYVfwlJn84MNrHsnR0zqbRL5jIOz6TmrIs9fs2Q1jqgW2CNEEO86ZGg_M3_0pLwpe88v3wN5rLOMect88_Rx2b_wLZby9lUGZ_JS8aLCvnbZ-i-WtVqruKvjL1EiKFetVuEppWXk2W-YXRhqJ7n2WN4w2xaNCQLR_Bgh-cb4etLnbQLT4JammU0mhkBClCjoU6Nat7O6ILwQ0PA-WZ-o-9KLfPlS4il6hUXJ1QZWrK3kicU9aJkXQyLXsOFkHvkb88GJEbdKP6dCe3jq3dRarE0XtXIXsSYimV7x&sai=AMfl-YRQIQbE6x9K61MluJQMTMovPC_FEzdwGwMIwu0FpF2b0HUTMmY92bU701xd4oHhX-niDXSCNoodxeQOIjEYCKEPh82x9N0AQK_VKu4goectBnmkAV_bCbVooS8d1Z_bW0yF0Htn0Y4GaAYC2c2Mm8vn1-HOTTjDWV9fCg&sig=Cg0ArKJSzHS-EdpcqNC9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame D602 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
NGQ6UIdTmI32_-WaDKS66JdR9_QTu40TzlPphNT9ErJMjvr8n6q2MQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D602 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_KRjJPOe-Xq3oMKlkjzW26xjjOPRlCS8kiQ23lKMIAaBXVavUZ3fj9cDAgJLFjhbN9LTHrnzKzUGmFaHQ4OJhBN2HOEw8w9ShiosZwYGB-wGV_rLnhJ1xcLtOTd_kC7kniTVjVUTQZxRkZx86k2XUTmM6gtQMBsSo6h_AfdHbwrjQCLXINu9OMhpHtppCivae4js2RfHxJRyTrH03XS8vtCpFG7CHUZXXHBhrG5WTe6BPF_SrRR2DPASxpHFRUAU489DrbxOqLjyXmUeuAkgRz_31Wn_CCWvn0N-SvsVb2P1ESLkGiYsXNTTnWF6mKOZUIaBqQFU8j8vA3CD6R5Wh0M_hEEm0I7Li_indmX_ZDRyi6-EDFVFgxgnQxc0G&sai=AMfl-YR9HzI8OP2qjTl9tyvKZ3fjvWM36LArdXtIcbuwU7V8j-emzzjjk-oWpaskK05tGOeDErrlJ0Q-2kyZ5YTMtUBDpB869Aa5W_qk61F5FBhv6syPtfHbU-QF2GyvcwknyNpkJTATEA_bg0QrNSt_pCncFNHwA0eTuVlCmw&sig=Cg0ArKJSzDNirX-Y-wrDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 9050 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sat, 09 Dec 2023 10:11:47 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
H1Tq39ec7jgI7pJVAF7JU_g8SLIQkFNGCZ8hNtgU5rSPRRD9rPQbWw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9050 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:21 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CC3F 		448 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNUKWhpJpqPXsvt2BdV8g0VEHJAAd9cXFs2zIim_lkKhX2lrcPMQl097zhdCTosDGAUdHPR84D3YnkZHe_jF8dIlOlD5MQ
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:21 GMT
expires
Sat, 09 Dec 2023 10:12:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C3F2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3F2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcjeLTLIuiGzeDZi9--GWuK-UaHuqjZWfQLIQyU4iUiS4YGBV78Hwfn9tR5GNC3-g_lARnzvjTNzThV1r5Umi2E9WeOtsa5KCipBfQ6dyILK2P5So
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame C3F2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j4j0u7Mu8_Ha8r50SODBS_&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 07:41:51 GMT
Server
UploadServer
ETag
"4bec59ab2a9fb77e9ba1af294cf3504b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Sun, 10 Dec 2023 10:12:21 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C3F2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j4j0u7Mu8_Ha8r50SODBS_&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 09:57:43 GMT
Server
UploadServer
ETag
"acd98c72a3678fcc8c90582582f71fb9"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Sat, 09 Dec 2023 10:27:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C3F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C3F2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C3F2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:21 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E13 		448 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNVRX0AAaTGBx9CPNTHToL6FM1o-WTsXHRVaLNWJCte0-H7nv-t8KWqweK6X3iFKHGcx7gXLTwazoV_kOmSsMNRpGfrxfw
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:21 GMT
expires
Sat, 09 Dec 2023 10:12:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5613 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5613 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AimpXplui_90iJJcNTig0QMhq8kYgwVz5kcG67LR4KrjRE4jqyLXj3yka0py4UbWkDp0hpNo3yJQxugEnEKsCV4iOidcOFOtWHgBJ4-HQ7NawhVLc
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 5613 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j-SJVhuAmHV8sjKk36Tirb&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 07:41:51 GMT
Server
UploadServer
ETag
"4bec59ab2a9fb77e9ba1af294cf3504b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Sun, 10 Dec 2023 10:12:21 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 5613 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j-SJVhuAmHV8sjKk36Tirb&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 09:57:43 GMT
Server
UploadServer
ETag
"acd98c72a3678fcc8c90582582f71fb9"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Sat, 09 Dec 2023 10:27:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5613 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5613 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5613 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:21 GMT
sid
mug.criteo.com/ Frame 0621
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SDtBinw2M2ZSdjl5OUFhQzhtOE1wbWN5UjhEbzFzYThYRHFUNjdtdjErNWV5TDRSTW9CbHcxblRZS3BKU2NOMzBBZFdIM0x5Y0wvYWdlaUxYVW51VVBZNWxEd0k5TEJYZkZCRVlmRFVwUFNqUzBTOG5kQmRrdllpWkcwU2...
430 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SDtBinw2M2ZSdjl5OUFhQzhtOE1wbWN5UjhEbzFzYThYRHFUNjdtdjErNWV5TDRSTW9CbHcxblRZS3BKU2NOMzBBZFdIM0x5Y0wvYWdlaUxYVW51VVBZNWxEd0k5TEJYZkZCRVlmRFVwUFNqUzBTOG5kQmRrdllpWkcwU25kb2dSeitpMXZkeVFDdkVyTnFCV251MmVHbXdwZ3hCd0xhaVZHb3I3RUo5QzZwU21CaGgxRGFTYUljdlBsWHRERTNLOHFib21Ia2VzN2tUSGdqWm1aYlNZZE5tQU9PbUQ3YW5rTCtZZ2tOelRrdFZ5ckoxUHBZdHd4N2RPd1ZWTCtCcldXRHoxSVovMTV3QXBhZnRtakdLVllIT2hkZz09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3f5b3cd6f440203db7852219adf9d9048385af1bf74e769dfba3f7ae479a33a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1297750
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SDtBinw2M2ZSdjl5OUFhQzhtOE1wbWN5UjhEbzFzYThYRHFUNjdtdjErNWV5TDRSTW9CbHcxblRZS3BKU2NOMzBBZFdIM0x5Y0wvYWdlaUxYVW51VVBZNWxEd0k5TEJYZkZCRVlmRFVwUFNqUzBTOG5kQmRrdllpWkcwU25kb2dSeitpMXZkeVFDdkVyTnFCV251MmVHbXdwZ3hCd0xhaVZHb3I3RUo5QzZwU21CaGgxRGFTYUljdlBsWHRERTNLOHFib21Ia2VzN2tUSGdqWm1aYlNZZE5tQU9PbUQ3YW5rTCtZZ2tOelRrdFZ5ckoxUHBZdHd4N2RPd1ZWTCtCcldXRHoxSVovMTV3QXBhZnRtakdLVllIT2hkZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
288914
content-length
0
expires
0
truncated
/ Frame D602 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77cc2e91c6371e28a7881f86194898613191aecabe0c305cfec7cae1d2964cb2

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame CC3F
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNUKWhpJpqPXsvt2BdV8g0VEHJAAd9cXFs2zIim_lkKhX2lrcPMQl097zhdCTosDGAUdHPR84D3YnkZHe_jF8dIlOlD5MQ
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 10:12:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame CC3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&C=1
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNUKWhpJpqPXsvt2BdV8g0VEHJAAd9cXFs2zIim_lkKhX2lrcPMQl097zhdCTosDGAUdHPR84D3YnkZHe_jF8dIlOlD5MQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTfbtaNvpQHncqYmUwHmhVL0%2FVZhswlHaDW06aNPJYwX5dwFxJYuS%2B1sm4nX8Cu1AMhPNf6pGgKAmfxBEpM2XKnw7pxBwK5s6nko0Q6CjV9TPzYYEG62DrBJkuXCp3ohwKqCaXSLhOcMFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832c78211a098a96-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvaK4hW0koU5BsyhwhUdLZ%2FCr9Hqb3jdM9ndZzJ8%2FSOlzAMXiBRmnZvfuTOPAJNaYW5NgJdCDOOf9Ltx%2F%2FWvrYLwRFpHqADrwSPdqvVsVXVVYOJfjWCDrVOsTrS1Yeao58yehGhQocW87g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&C=1
cache-control
no-cache
cf-ray
832c7820e9e28a96-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame CC3F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ9hca..DyOYqKWRo9LRQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNUKWhpJpqPXsvt2BdV8g0VEHJAAd9cXFs2zIim_lkKhX2lrcPMQl097zhdCTosDGAUdHPR84D3YnkZHe_jF8dIlOlD5MQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkd6mA%2B1ri56Hj0anna4%2FX70D7XhlokFdIrYgBk5MQlxxK4skmGY0tDy9CxCrG406OlaZpjHecBVoY9BzeYAPcxYGFTpZ%2BuFj4DITa40D9BEuB0Bc3eGuCdWX5ygBxebrJzloWk5u1fpRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832c782189e6e380-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9050 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3c2cab4b940c7e3f36763bc918ae1189e94470ada07aaccc64d301759bda7ec

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7E13
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNVRX0AAaTGBx9CPNTHToL6FM1o-WTsXHRVaLNWJCte0-H7nv-t8KWqweK6X3iFKHGcx7gXLTwazoV_kOmSsMNRpGfrxfw
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 10:12:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=NTFjMTA3OTNhZDgzMDIwOTI5ZjIyMzgyZjU1MGQ2ODE=
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 7E13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNVRX0AAaTGBx9CPNTHToL6FM1o-WTsXHRVaLNWJCte0-H7nv-t8KWqweK6X3iFKHGcx7gXLTwazoV_kOmSsMNRpGfrxfw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfxDZrAsC6JG8AI8sIeC2gH8G7jyOYitrY%2B%2FUcyV7udrLGF0bxyxjjJuWpiCdD%2Fwgo4ScjH1zIyvvEPZzhxlheC1%2BtRQqiSCj1mRSnR3QZS%2FWr86CzhX8CO8ckT1A3p56pE0xNq44QnwRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832c78214987e380-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7E13
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ9hca..DyOYqKWRo9LRQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNVRX0AAaTGBx9CPNTHToL6FM1o-WTsXHRVaLNWJCte0-H7nv-t8KWqweK6X3iFKHGcx7gXLTwazoV_kOmSsMNRpGfrxfw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCK1BR031HJN1sQ7ap3lr%2FZw%2FDaD6HumPEd4ZLXT5WdmuZxzWu8XpUyE5hh%2FUbBqEM4OIqsUuCuoghW79N8tNtld2hxL%2FWFrf%2Bwj1%2BDBQxDCOLxGuXT8775grkrc0ZORbDhxY72xuNK%2F7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
832c782189e4e380-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGAKswRRgNYe92Pab53AMas&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3F2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3953119324635&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3F2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3953119324635&version=m202309260101&ct=77&x=1&cor=18194566404348152000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C3F2 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNxcjNRW9p-bk7cQe1bqRzI5ClddxvpMSflB3WQp3Szy6e2ncs5rw8khvAHev1sSqPL7l8ln42Jn9uEKe62eGeen6ckir4VrhtxMg4Po2BvoTawuhUvw7xR18juuYu4_AAdaY_K8VWR4PgxgTcvzMqCBTWrh-F1NwWZnjyzPctZ7bCoOo&cry=1&dbm_d=AKAmf-AL94bfCVspNy7kUGxYa_8Yqos996JcntImh-xuoAQVqDifjRqcz7ktg1bLyD77UiHUg5fMXvOg60EJlF19Wlar6gwU-5RlfQOT8fnvlrOaK-avVjBRtr5k15HgPLBuIn_ZINGMJwrqy4kBQdvND1zP3AEzReNyCepmUIeQbs8O8Ruq8YhiXkl5KGWxuVTqchPZeM34qh2V760jJfaCWtEUzO3lVYR8unPDwKA-QTbnS6nzt3OSa_mQq0eMofi8HKksBkaIjnm9LocDUZTGfgsmD0Zol3o0HVMGLWiC9CMapg784omQc7A6LZDl6MvTH8oT8IR9h492Mdvf4g9ipWCQqDgDqg0wg0Fl8PcIDyl6n7Lha_4XC1-pQFBwY51e-Hq6-481yHIKRLDIwaRad2fjhJfYnbqhNilhkqAKwu_jwUmLUOkmwNh7xV13wR6lxVJNOEFZnRKCZufgEAOFHSvIFp6fM2xVvk3FFnGk3Fq0qvxWblN4Hs5z0gVTowm7RGFeuc9XzhiQzwrSq4IUpOtiX4uy8zOMHJ5NCYC6e3QoOfvzXKd-NyZZkI_3WcQZGVHqXMUVsetaUt6skrvD7aC0W3B2PjJbAxGgLZ3IzCyX0ZCkigc3KEhsUg7v8TYAbUCHMbBis_vmM5ctXtDBIOQXwEojNQmTuhui43mD81902F07BFFOTuRT0AcWKT20XFG25suwkaMUqMd_kwJ0dbfyJ9ngeNLRZ2HQN8g-6b7ZBqK3rPhISOzP3Oik8Z6qu8C6npJGF9lT6LEHbw_RkdZ6JSM27BDntp3GcLJgaMDIv_Z2qZSV4aHbsknqur4RD1wqqF3H2BGlstpZjhZ6tFMjqCVFoFI2jm9bTCN4OprScpM8a4wQ30z3jx9FpUn_9Te_tQBHeUwNtqa4uLY8zIZWIFH4bVnS-nnrAKIKKH5GRhuqohMhRxCOyXJhnxrRL4cRvcQz_g4zyCfhZ90w-VC7245lzj99s44G6haphodDecySI-CyW-R_7SJlHaBEA-t-zr-Mrl9dcMAyH1ml6PjvaFAV5aNHcFovBhtKKsBfTX602cw8ScZU0QN8n_p6GjVTNk6Cn-lkOXNmz6bugyH946pDtUKqkeLojF-CIMUgZ4_5Xb5XGGp2yPg3Yeklc0EqdMoDz78tSGLgMQGqd_y1g6sqQTY9F2sLRE0A02UD-fIbBpoqtMDk_6FIF2YYLdzdGMCPpzMzAWeO-mWBNGcgZaambgdhE4k48B3xdGMg-K5z9hX2tkE9L3hihJGRIN5TiqFsljQ_M8eAA62Nn-KilYqUR_sdk1OWI4o_QFJ232FHFlnJMsGuT48r66wkvTkr-a6gjWBGX3ZqVdgPKlm-_A7KoLrDql1lxJsAZ_D0Y4Nj-AE6ljJsi8brv3xvU1NBxhR9hi_KXvv4BdLZF7cuDUeYyN7ga_Rxzc1G-kPfTDuMNkcGii2IcYX8kDyWJrNmhJYKfK9bGZmT1y1y3Kh1qZn8lRFC5hbDvBsEN15Lu0PemGTXhlqZndrxIxHTR0wmxgZ2G_B3KyEX604z6ywDgiAp6QDXFvJn56bTgMPbNB3HGPl11_O1DRc5rw9vm58W1gv26PjX5ka9TA3r_TkIyUJ3xudNtvRVgkKhGCYIWOlZoXoJVDLmiidwBTSblakhfarLT4abSB-Tv__aMs0WM5lH8aCY9xo469uNwJBzILpnB480azW1WfJ5cd7ImJg27Dgj0dC4NHc-fXic_OJGUMl-W71P1R9TSF-jVtD5IxgY5xGUwDkvmEFoOM74pLUJaEnlUPh4i3I6sX1IxJXkWeOPbShmQHF-iBHfKEGez07rQoSnbV_J4vHtuF47YbZPjPMTMjXNGp-SDUeGaPcHI-42StPAQMseCGI8gnMXkqt0IcthNglhwucybYWBIIXydnYdjzKFsNUFbvrCFCx1reT4Gp-m_P6fSpyg_jXd_h3O8E-i7ED3SvYp1v4VO1P-UCXy0Go5qdhS_Cd7551MVoPmgi0OsiekACQNDLCZjK0sPQ5J2TtD6TaCa17PEC_-OBEwz6kHYv_bpeocwzbx54N7QchhS7wDmLtSXTqZ3WaKF-6rAScItsoZcqnK_jIl5UWwCaPUltYn3PAuNbC9PYSL8BD2gUhd9fijdQI4E0Au_n1F9OUPincYjEu9BtM_t-s_FUMXld-BBL9DO8VtENCvYk-LtuKsoEMVuT8uTtZ62SbcSqU8kq3_V4V7BimXSS5T69fYBYQcfdFJX1cHNXL8Qx85j5WhxhUtGzYlzrpt5qkzWPuYRPpflSHJ2ucSNVu56RasQLUqPR1iwJTbEQgu4EWvEiLuUku0TUklEzEVbzXmBBzQ-DBxRjbKiNDK2BEi8tmFRPFioP5D1KPgNOguKkCqn_eseC5Omz1Ep01t9tM7lexvnRc0UFWtNwsyuPxp0hiXpkeJfbqspRn3b37HGKo5zYbO_ySwdblzjBd3QPH6x_weBHOzvGqXjwrIus52OkETSrO28ZBbEx3QzU4-nciZ-m0tPH4_hxSyKTk6y2zttVeVLzfyY0KOauDm8CexlM3dTAqDG6CjUzQvSXx-ZtQ6Q3KnBu-GZuaUUQph9Q2ohJk_GJEDlM8C5Sf1eCZD4rYN0ZoI-ajGk_gBvIVF5_mlAwoKhjZ6IseWLhI9B2xS0KCqQFAzV0F-bADyAbO_KOy5OYiFK5NaCLR2k-a4WTRtktMkKqgzi_rp7UPA1ue96-p8HFGfUqbL-FSRvEvIyJuDoaMFpH5a1tQ0Zn5OimDltQyIRKq_SKyvuboH_nfO0aHlLtto3QJIxKQ4jdfvRLZhXEXYYNadmjjwrDUS-RgEA2JBerf6fIrXiZTZUpy_vtne8_1dwJg6iIocv4pPrS7HL2naG-843E-06QX4nnm_TMhM0qGdsXPiiAEd_nDGIQoUjF8-5K7ETwyfvMpbVf1pZZCoBnnarOmfJhvGSLWVdnDPSisD1Ojit230WfPhk7YiDZDDVbQq7-_g-ZA1x4yn10CcM39jS7FV9TCVx1wocMcImniNCOIkqF24iLmBUv9dZ7v6DCJR2_cQlWhJbgLB9sio-e4OEF5dTO_A8pr_SeC_jk3U6HG4gTyhiueluBWTJd1mrD7UhSWIDcekg8tolPZs0I8TFoFUaMuDM31o7sj2EX7dq9POwLjsccjF-GXQm3ZOyp51_6kDljlay9sgfvacreQjfFmYsLcUw5biGEStjpJpcKQNIewEmojDQk2IpxfdTNTl34Rmn98NKvljos2X0800r4F37GseRNnJji93BveB6mv8Mxo_Xdx5BHBAzHSke8hDaP0M0z_hPZDJgQkWYBq2vaChGDRc2Y77vp5SE2j3or2vqdDAByoZbWUgEEUKcnxJ5tYNxnK5RBerGjx_mzJ5QfgZEUM91AsQay1uR03t15nqJnvg4SCN6as8es7j9DxYXAzHxy45epslqwDIy4jTk0QJsPv2UKKzsrgynjBaC9Z_sMSWlGY4k6-cuWs3fC2Y5azTZfjRHvWVobpq3HB2wpT9seIH_wzkrRGfvW7bDetFWLfaLNoaYZGJYjyZqi3TF8lAmO13415tD5L9DtPvh2P1o3yhXzaL7-OIiQTR50vpdXsAWdLOGcQsxKr6PtK5pdUbAXOeCQss3AHIMWmhlb58utVwqPYOCuvxcTGzgoj2sv99E6qHid5k8OL1y6k5rzvh0ouJ8ApEAASghANp4WcUzpNmDmADkUtqHX5nwpC-Be2uU6mGo48Rx6exbqrKdkDdyMe3VC8VSnY2e8QekbQtphV5Qv8JN7qHymqdvxq_1aV3Bl0Y5NQ-z8_ScPwX8QwMNPma-iHIKHi1gKrUd-hesbP1bJlvF4YxF5LqXHmvUSwoWm87uzr273IUqnQylD-BRU_XtEgUb2wwhmUnw3vEOVhV9a07-OjsH-1qCPtdJmSfEeJQYWsHZchSk3PZNhrShYa-HVYV-F690mvRjSSNHhk2u3gGDYKEMyHNhz1xfuqZxo2ilgJzpGSc-MXTq42qaqnZy9rXS-03oNduj6VO5VSKCu5D9gPC8T7LDOdrhhBbZHpVed3LpU8ZDgCn3f0P7iyGJsdr1bErnbKocEt8YEoCIsO8AxGj-1USEpZLe_K_4v98If4kW2GJ_AukgosyKLa8&cid=CAQSTgDICaaNKHBoT6qmFUhT-uaMcwM4Il3lj20dEDcUJebKsaKow7HPvPLk3YKI5y8t3Fy5jeZoY_G-WbY3si4XaQ14WJfZvwr_vQUpL46acxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=18194566404348152000&adk=2228999114&idt=104&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
785893da2b0c3e70d3dc875dd6dd3e0f11b3dc146a88f34ffce5ca031a5e412a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13720
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 35C2 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
52
content-length
9921
content-type
text/html
date
Sat, 09 Dec 2023 10:11:34 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
x-amz-cf-id
5q_nfid7LCF8GVapIfvts4DZm50y6jEapz1WYgYpqqsivmEQn6He3g==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 8A82 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sat, 09 Dec 2023 10:11:45 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
37
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
GSqt-OiBmOGCr-gnV7n4B22IHFJ5eOaEphm1hHNeWR3x-YRaHhu8KA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 389D 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
52
content-length
9921
content-type
text/html
date
Sat, 09 Dec 2023 10:11:34 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
x-amz-cf-id
SirLm1I-j-1jLJqZtWmge9vfVsJB_ux6G6-dK6ukRBwVSuDWb0iuHg==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame A4EC 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
37
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
QNNvJmISzG7eOEQO2euyhrqDQQocZb2rjFAKCDYaKu1QNWJqv6GLVQ==
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 036A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c5:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date
Mon, 04 Dec 2023 16:17:39 GMT
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C3
age
410083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
pAXMGh9ghjXL3yYtdh-fZZELy1aXfusQIdAQS1k-0_XkxkdvEeUj8w==
/
cm.lndata.com/ Frame 35C2 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 09 Dec 2023 10:12:21 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 5AFC 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.111.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-111-97.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 3FBB 		39 B
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 10:12:21 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 35C2 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 35C2 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 09 Dec 2023 10:22:21 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 35C2 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.111.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-111-97.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 35C2
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame 35C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
x-guploader-uploadid
ABPtcPq0Zw5o29wkwb9TLHwugnftSWTqmCMy5d8a1ARV23lboPf1PKQIWdFZrm6xJDHV4octAVJfSumLUEUX4qZNo6W3jQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sat, 09 Dec 2023 11:12:21 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5613 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=124377300982&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5613 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=124377300982&version=m202309260101&ct=77&x=1&cor=6560775373199426000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5613 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuzdtvZ4S6vY-GoFcOUx9xXyhm_HKnZV28SGqbl4_l8sp9C1S0UzVDfoHJDDlWSiJnw_XSyPiDhFIQuMjCn7K_9IFGyawnbVDwZ4Wvfin-J3dPIUcmsnOPUjP6GYd3F1Jd63LHWfh48pZ3OBeVkxiwJBUUweCWJj1ft2LxJkkXV1RfbnY&cry=1&dbm_d=AKAmf-BFTlunqv0djHeGuLYdUAtYWqS1wdTXn_0MAM4djIZnqrUwP5RteEMHcMj5G0WFXo9HJ-l6WMH98Dk_HjIE_FNNud1kEkJSlaRI_2ujsv9jGXP8YdpDyQwJm4P-BztdU6ioGMqbPa_jB88w8tzKhv5W0yhdnfHIQvgLQAhvQKDM1eugDu6YmOioJhHbSfpV-vUUIk6fregn2t9VP9tpbeXALpGRdtlsUsNfBui2dUguqaNNzDcG38g1lmfaPXRKp1J8eNZiEMvGgoi_vMnxvEg1MwDBSk9UYkzEt89EdcAvhtKp9_9SVPqWBBrTZnm9lNn-954-SWPxOtI-Shl6P5gb-l9DsH9VuFIz1Hy4UyckiKW9D2E1t_neuJi910fIO9FG8C1tWqrs2RfoRmlBGvMKbpOC6m-ULzVv9nC-M0X-yc4wK82aBHs8rlsCAC-zyz0NvTWezLb6ZscjMx_prG5hEXvmvOdahedicybJJp-_StSb2ey0JgyUe4HMEA-wFry4ikrEWdh-vebiGdoAOfuKNukJhBSVppfVQG6Idi0yM1_qqhVsO0tpk-GYXn20FPeESsjdO30K_Ky-RSfB4j8HVJjvhaOxMYWJiEohvOT1wgKKxMkbTl4UsN08DLmk3bLIEo6MYD_H6ozhJQlAhJUjEBD52Fj-V2kcnotbCmniWamuF8LPFDfob1952vC7OHqNSsWPhsZpBOkx6SFMROsFnyX2M6fKyANfC-Ure7H2rdDGne2xrzqdOVcEJXmTQ0KPHC2IviDPG-oxDTTbSYfZ7cRTNrwPb0QDigVSwbfzrtKMW6hf2UzMFxGBUce7ye9EBJWQ3lF8lMGNiMhgyGHYEUB4bFMzjdDi-oIXv36hSrTOGF5pelsbQhQdDcx9G7tNOyp1kjKjWnMMMtTrRGmiycLcxGe-YyHNs0SydTTtAG4cZugyIhuwaIhUSztmTMFf5pw2O2XbhpyRT2OU3lTjZFMykrZVdaic86oT7X-jGaQx4-XhShXb24_AuNl5pzdd8AxtZvJPIl4cC4K-6jzQplJJavxlyGUhVFgcaNchFksLjWw6qad_X-GIfv9MwdWyZbx8kV3dxUFFx2TlTT6QOeJuYEtRY8aSpye09fP-DvwyAWISq9feuFb1k_xInS51vcTmbAs6ZNWs7tUSPg9WCTsd-vKhBiCAD-D0fKWPhR_Ggl0178y7XA4z2_mg5bmqKF0cD_ATjdB9gWvB2WwaUmHAuxsp6UHb6B0UKKE7kX1s10TgRatFWryE5z-R68MUOrHzRR8utcnR6tMXJCtOhji0zr0RvvFvm0_K9uAQAgenWt8RJ5HDKQZlGPnsV-sa1OxDNc1Nnb_jbj7l8beOcY7cVTADRWebPO1JrDwymME3NGpyKXE2xOhg57mRDCICTVS9_x8OotaohmmPS_TSculX0-CO3X2lXJ7nYIrFvYI-f0Qw8MU8Wtr1pZv7PKYzJK29Mx8B79r1q86PXmRJpyfP61BDQF34rOg3zYxHtu7O5WF7dYgx_mKZ3vjMUKhTqtzGOrsS8kpjq_Oo4hjs3JxkHTmdCteahNePVbGnCccbB2eVjLqnINySkLBoleCuv0W75W4TSQYAqMt04nsizWWd52ootDAiC_-ieG-tZyXbqPraaMxe2J7CwkhqtCHNFWTvd4gUByuLhwIDejw8MpJ1S5fs28tPiU8yVFdTvwplhEbGbk2W1BfsMBbE6XnATGYEGdcgfjbVC2zXD2Vz7qv4OhHJQW2aQJX4HYW319DyvM-HjXCl5IgRISVC9F4l_qIPjPqSHzIqUAOnYcLdIqlvDgOOMNBG60ZNpzN5OXCKroViCAHpBalEjsJSaP7W3tumMSyCrmDlERCNy29N12rXNbMpg90FkVrxJ4GVXoAl1tLuWKJNgnUnrym03h1o_OVEWvkvx8KmCk6ZPyZyrtazkOdLSfMebv-3OzkYR11SH-SINu9W2caHU4UA2wg0SzMs6I1MgUW4TTQELwEXPbp7wmGs67d_MeuO48CuYtw7weIBDUwFIRHN8uZEzN2VgXBCDG4lwnUKYsvqmkirdaQ2BVgbJzOq7A0tk1JvTG7-eXcp5MtONwKaYljJTdKuQCV6Ucl4m2iQSmMDvHkUIUPeNVMP7E0M3fk1Uf0OiP1Fra0yyttf1dzHwpai411CtBbsWTUOAzeFUikEuzvxsNOPjRLE2Yga8GXXn_v2iZnnfijJHU8JtC5mVxsKJ06rDQxn9d2NwHFb9oR5XERZkQeuiYWi6wXkNSNCmowfJXlrt5xcs4wkNtlbtbacJI3P4-Q8Sr2XPVDzBkgG0fXDq59OtEbbhXP47Wn7OTkorqFjOqzaE_y-sqK1_5LZL5oJKTrgvBtVbylVQ4-h-wniR_1jVGSJBgIgPD6UIpV0bDLo3zVnNhXiZaG4xEkE4wR06vuu_CsVjuyJbPsNKuixFxef_Cqjx8aJeFTuUQSm-rpDabVruurf15GjOAY3bcnMfOYMSR3A5voJaO9xiEiZsod4zXvtMgwBoIRW0XoFDGWANKQg8b82SR5IbB_b2GpkW4TdniAS-IqANrdUT_3cBxhuPyOkGbzNYU5CInHoTIV3j9_MnWHjHv1is95cICShWo1yBuBYw0_gD5dR4BSds3IcHDIzhqfJilNKqmZt1Lx_luVKC6YK13dSGDJsOJ54K4fww4ZFrIHuihHHdpkKi6mLEsp3HaCvHI-tzsGDHMo3Tf3vWXv4akHdWspM_N7CeYDmT-HTS6ld_zs34BobH7xjAx56ke0C9U1Arxnk5wndp8SV6NUEuwjpJQySDorrHdO-yCjc3fCc1x158y5JYXS6U9N7VS5nw494PHLkxwVJ0xihdOE2RaVaysH8TOsfkW9I8xT4wZdkztX0KHrJIo7b05jRtpuo8wxinY4YEEN3HqnMpxa-mjvfaGGGKDilLlmOqcc5S3HKiyrllvPqo8ZCGQkb8FahXI3TuvfFregKn7FA8kSLT3wyR8jLxkTSH0VgunIdaASfidFl3UkUDW2lsre0PS8yqceXGMQ_G6a39E0_wYhvjXjUwW349v561UF8CnWubCXGMXtce2vK8uvMGsG2ZOVuRHQwOx43rwbv9OL0nwahYhVELp2y-s4lVzImmW4dGVZaFR_I9wRliTfqhg_BHL-wW_IB2n9czqt2Atrt9Zav1CjreyCzhta2s6NP4r3j4-atBT3WrxncihXqjEzl6khVBi47exoYwStIcxfQRWI3k7rq2f1Sq2G30zgJT3PWD-4mQAJhn-k_D5D7PfqzlswQWtl1F0sn_ASuWciEWT9BCHnfVFqKayBhc2Lu2_Pk5EPhqHBtHCSyEeZ74af_Djk_N-ebuV1eErCNWf1Fr2CxJvAdHY_Z6TWXkFH9qrjdlIbwX3B3Z_HUsn0vEVJ3iNlD_UQOeXG_qoH765B9446DbtxdyF1fR3ITjIuqIBdrVwYr2zJOQa24gcBHrolBVCNyWdOJXfyOsDmgMp8L_rVwNUMfMifP4xzyX5Yj9KL6hk42WfIrTcGir6WN4IkZqZPLk_T1iWkw5Nmy3qHzIVSBh3fQQ5AeRHzrvCZBAy6M1S8uFtY3Li8ETA9ZqECF8ivAzZBqkj1wsnvS7nZJEmySDk5l1CQ_PUQr6SzHVzdl-8c2tA4sJMqaqCPTJoryUXJm0cgAf4n4TGzmjFHRY1c0Gc9GXMamySYC2QyfxNQ-EZ7NJwOsRwfnbidDpRAVwvL8mgqogdv_RG7EmvfTQIlMFBcWB0b7t0OeVBMqw4t0T4ELAbxTM9yoGrWyVeOFwk7HJwlLt9Td7Kuz58kOnxta0WstdVEzjXEIZwrYm9y54uC9Tv6Se8zxCknDfzmxOf5xqoA69hiZE2s4DW8NtksS6r8ZL6tGx8AtC-622P2AD2fxgkewwNWyDqiDOcmcjz-76RT_YXTA-PzBQaoUi_CPnvpseQcLeDBl7xKEhy3gJUcQdW3wlzeBbjBZ_mBvXUasFYs_1Sw9xib7VpWW9TMdsQuY79DlOkJzBw4v52Z05-hKPQCRMSGCE_rjMfPB0wymrDjtSFy-O9FRaBqtHynOwfypQ2PC3-9-ZUFCFcV4NQhjPRJj-9B7RVIqglCEDli_KjJr9ERazq-K8Wt9WKmgikxSBszERKjeRQYW&cid=CAQSTgDICaaNKHBoT6qmFUhT-uaMcwM4Il3lj20dEDcUJebKsaKow7HPvPLk3YKI5y8t3Fy5jeZoY_G-WbY3si4XaQ14WJfZvwr_vQUpL46acxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=6560775373199426000&adk=3047537734&idt=148&cac=0&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223c3af9370b31d7b0e45a2f9559b147143bbd4a2c7a69125f6668eabcdff5a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13877
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.lndata.com/ Frame 389D 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 09 Dec 2023 10:12:21 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 389D 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.111.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-111-97.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 389D
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fp
cm-dev-poc.holmesmind.com/ Frame D2C6 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.111.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-111-97.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 888B 		39 B
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 10:12:24 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 389D 		409 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
google
m.holmesmind.com/ml/ Frame 389D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
x-guploader-uploadid
ABPtcPpFRN7uJyOYefP6mUg9ICUIJD1bF7AS2ieXeYqoffvpuzxAwlLNWxLg7YlsdIA5entUE0_69mv1Dev8the6rloKjQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sat, 09 Dec 2023 11:12:21 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEOKaZSq807m6xkrs1-EqaFo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 036A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ae0349791dfb484708da6169c76aad16d987ab82c0e9828ac083a47e9890a9b

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
Preset.js
ad.holmesmind.com/adserver/ Frame 8A82 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 8A82 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sat, 09 Dec 2023 10:11:53 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
U9LieDx6NlJ9MjiVTmUrMSQYQFpxSNQV5QtrYcXhWW978yEXLt5aRA==
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C3F2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNxcjNRW9p-bk7cQe1bqRzI5ClddxvpMSflB3WQp3Szy6e2ncs5rw8khvAHev1sSqPL7l8ln42Jn9uEKe62eGeen6ckir4VrhtxMg4Po2BvoTawuhUvw7xR18juuYu4_AAdaY_K8VWR4PgxgTcvzMqCBTWrh-F1NwWZnjyzPctZ7bCoOo&cry=1&dbm_d=AKAmf-AL94bfCVspNy7kUGxYa_8Yqos996JcntImh-xuoAQVqDifjRqcz7ktg1bLyD77UiHUg5fMXvOg60EJlF19Wlar6gwU-5RlfQOT8fnvlrOaK-avVjBRtr5k15HgPLBuIn_ZINGMJwrqy4kBQdvND1zP3AEzReNyCepmUIeQbs8O8Ruq8YhiXkl5KGWxuVTqchPZeM34qh2V760jJfaCWtEUzO3lVYR8unPDwKA-QTbnS6nzt3OSa_mQq0eMofi8HKksBkaIjnm9LocDUZTGfgsmD0Zol3o0HVMGLWiC9CMapg784omQc7A6LZDl6MvTH8oT8IR9h492Mdvf4g9ipWCQqDgDqg0wg0Fl8PcIDyl6n7Lha_4XC1-pQFBwY51e-Hq6-481yHIKRLDIwaRad2fjhJfYnbqhNilhkqAKwu_jwUmLUOkmwNh7xV13wR6lxVJNOEFZnRKCZufgEAOFHSvIFp6fM2xVvk3FFnGk3Fq0qvxWblN4Hs5z0gVTowm7RGFeuc9XzhiQzwrSq4IUpOtiX4uy8zOMHJ5NCYC6e3QoOfvzXKd-NyZZkI_3WcQZGVHqXMUVsetaUt6skrvD7aC0W3B2PjJbAxGgLZ3IzCyX0ZCkigc3KEhsUg7v8TYAbUCHMbBis_vmM5ctXtDBIOQXwEojNQmTuhui43mD81902F07BFFOTuRT0AcWKT20XFG25suwkaMUqMd_kwJ0dbfyJ9ngeNLRZ2HQN8g-6b7ZBqK3rPhISOzP3Oik8Z6qu8C6npJGF9lT6LEHbw_RkdZ6JSM27BDntp3GcLJgaMDIv_Z2qZSV4aHbsknqur4RD1wqqF3H2BGlstpZjhZ6tFMjqCVFoFI2jm9bTCN4OprScpM8a4wQ30z3jx9FpUn_9Te_tQBHeUwNtqa4uLY8zIZWIFH4bVnS-nnrAKIKKH5GRhuqohMhRxCOyXJhnxrRL4cRvcQz_g4zyCfhZ90w-VC7245lzj99s44G6haphodDecySI-CyW-R_7SJlHaBEA-t-zr-Mrl9dcMAyH1ml6PjvaFAV5aNHcFovBhtKKsBfTX602cw8ScZU0QN8n_p6GjVTNk6Cn-lkOXNmz6bugyH946pDtUKqkeLojF-CIMUgZ4_5Xb5XGGp2yPg3Yeklc0EqdMoDz78tSGLgMQGqd_y1g6sqQTY9F2sLRE0A02UD-fIbBpoqtMDk_6FIF2YYLdzdGMCPpzMzAWeO-mWBNGcgZaambgdhE4k48B3xdGMg-K5z9hX2tkE9L3hihJGRIN5TiqFsljQ_M8eAA62Nn-KilYqUR_sdk1OWI4o_QFJ232FHFlnJMsGuT48r66wkvTkr-a6gjWBGX3ZqVdgPKlm-_A7KoLrDql1lxJsAZ_D0Y4Nj-AE6ljJsi8brv3xvU1NBxhR9hi_KXvv4BdLZF7cuDUeYyN7ga_Rxzc1G-kPfTDuMNkcGii2IcYX8kDyWJrNmhJYKfK9bGZmT1y1y3Kh1qZn8lRFC5hbDvBsEN15Lu0PemGTXhlqZndrxIxHTR0wmxgZ2G_B3KyEX604z6ywDgiAp6QDXFvJn56bTgMPbNB3HGPl11_O1DRc5rw9vm58W1gv26PjX5ka9TA3r_TkIyUJ3xudNtvRVgkKhGCYIWOlZoXoJVDLmiidwBTSblakhfarLT4abSB-Tv__aMs0WM5lH8aCY9xo469uNwJBzILpnB480azW1WfJ5cd7ImJg27Dgj0dC4NHc-fXic_OJGUMl-W71P1R9TSF-jVtD5IxgY5xGUwDkvmEFoOM74pLUJaEnlUPh4i3I6sX1IxJXkWeOPbShmQHF-iBHfKEGez07rQoSnbV_J4vHtuF47YbZPjPMTMjXNGp-SDUeGaPcHI-42StPAQMseCGI8gnMXkqt0IcthNglhwucybYWBIIXydnYdjzKFsNUFbvrCFCx1reT4Gp-m_P6fSpyg_jXd_h3O8E-i7ED3SvYp1v4VO1P-UCXy0Go5qdhS_Cd7551MVoPmgi0OsiekACQNDLCZjK0sPQ5J2TtD6TaCa17PEC_-OBEwz6kHYv_bpeocwzbx54N7QchhS7wDmLtSXTqZ3WaKF-6rAScItsoZcqnK_jIl5UWwCaPUltYn3PAuNbC9PYSL8BD2gUhd9fijdQI4E0Au_n1F9OUPincYjEu9BtM_t-s_FUMXld-BBL9DO8VtENCvYk-LtuKsoEMVuT8uTtZ62SbcSqU8kq3_V4V7BimXSS5T69fYBYQcfdFJX1cHNXL8Qx85j5WhxhUtGzYlzrpt5qkzWPuYRPpflSHJ2ucSNVu56RasQLUqPR1iwJTbEQgu4EWvEiLuUku0TUklEzEVbzXmBBzQ-DBxRjbKiNDK2BEi8tmFRPFioP5D1KPgNOguKkCqn_eseC5Omz1Ep01t9tM7lexvnRc0UFWtNwsyuPxp0hiXpkeJfbqspRn3b37HGKo5zYbO_ySwdblzjBd3QPH6x_weBHOzvGqXjwrIus52OkETSrO28ZBbEx3QzU4-nciZ-m0tPH4_hxSyKTk6y2zttVeVLzfyY0KOauDm8CexlM3dTAqDG6CjUzQvSXx-ZtQ6Q3KnBu-GZuaUUQph9Q2ohJk_GJEDlM8C5Sf1eCZD4rYN0ZoI-ajGk_gBvIVF5_mlAwoKhjZ6IseWLhI9B2xS0KCqQFAzV0F-bADyAbO_KOy5OYiFK5NaCLR2k-a4WTRtktMkKqgzi_rp7UPA1ue96-p8HFGfUqbL-FSRvEvIyJuDoaMFpH5a1tQ0Zn5OimDltQyIRKq_SKyvuboH_nfO0aHlLtto3QJIxKQ4jdfvRLZhXEXYYNadmjjwrDUS-RgEA2JBerf6fIrXiZTZUpy_vtne8_1dwJg6iIocv4pPrS7HL2naG-843E-06QX4nnm_TMhM0qGdsXPiiAEd_nDGIQoUjF8-5K7ETwyfvMpbVf1pZZCoBnnarOmfJhvGSLWVdnDPSisD1Ojit230WfPhk7YiDZDDVbQq7-_g-ZA1x4yn10CcM39jS7FV9TCVx1wocMcImniNCOIkqF24iLmBUv9dZ7v6DCJR2_cQlWhJbgLB9sio-e4OEF5dTO_A8pr_SeC_jk3U6HG4gTyhiueluBWTJd1mrD7UhSWIDcekg8tolPZs0I8TFoFUaMuDM31o7sj2EX7dq9POwLjsccjF-GXQm3ZOyp51_6kDljlay9sgfvacreQjfFmYsLcUw5biGEStjpJpcKQNIewEmojDQk2IpxfdTNTl34Rmn98NKvljos2X0800r4F37GseRNnJji93BveB6mv8Mxo_Xdx5BHBAzHSke8hDaP0M0z_hPZDJgQkWYBq2vaChGDRc2Y77vp5SE2j3or2vqdDAByoZbWUgEEUKcnxJ5tYNxnK5RBerGjx_mzJ5QfgZEUM91AsQay1uR03t15nqJnvg4SCN6as8es7j9DxYXAzHxy45epslqwDIy4jTk0QJsPv2UKKzsrgynjBaC9Z_sMSWlGY4k6-cuWs3fC2Y5azTZfjRHvWVobpq3HB2wpT9seIH_wzkrRGfvW7bDetFWLfaLNoaYZGJYjyZqi3TF8lAmO13415tD5L9DtPvh2P1o3yhXzaL7-OIiQTR50vpdXsAWdLOGcQsxKr6PtK5pdUbAXOeCQss3AHIMWmhlb58utVwqPYOCuvxcTGzgoj2sv99E6qHid5k8OL1y6k5rzvh0ouJ8ApEAASghANp4WcUzpNmDmADkUtqHX5nwpC-Be2uU6mGo48Rx6exbqrKdkDdyMe3VC8VSnY2e8QekbQtphV5Qv8JN7qHymqdvxq_1aV3Bl0Y5NQ-z8_ScPwX8QwMNPma-iHIKHi1gKrUd-hesbP1bJlvF4YxF5LqXHmvUSwoWm87uzr273IUqnQylD-BRU_XtEgUb2wwhmUnw3vEOVhV9a07-OjsH-1qCPtdJmSfEeJQYWsHZchSk3PZNhrShYa-HVYV-F690mvRjSSNHhk2u3gGDYKEMyHNhz1xfuqZxo2ilgJzpGSc-MXTq42qaqnZy9rXS-03oNduj6VO5VSKCu5D9gPC8T7LDOdrhhBbZHpVed3LpU8ZDgCn3f0P7iyGJsdr1bErnbKocEt8YEoCIsO8AxGj-1USEpZLe_K_4v98If4kW2GJ_AukgosyKLa8&cid=CAQSTgDICaaNKHBoT6qmFUhT-uaMcwM4Il3lj20dEDcUJebKsaKow7HPvPLk3YKI5y8t3Fy5jeZoY_G-WbY3si4XaQ14WJfZvwr_vQUpL46acxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=18194566404348152000&adk=2228999114&idt=104&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
329036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjc0MTI5NjAwMwogIHNlcnZlcl9pcDogMzg1OTk4ODYKICBwcm9jZXNzX2lkOiAxMjc1NjE1NTc5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame C3F2 		0
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjc0MTI5NjAwMwogIHNlcnZlcl9pcDogMzg1OTk4ODYKICBwcm9jZXNzX2lkOiAxMjc1NjE1NTc5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyNDE2NTIxNDE0Mzk0ODM0Mjc5CmRlYnVnX2tleTogNjA0MjY5OTMwNDI1Mzc1NTMwMgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDkiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzIyNDIwMzg4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3NDAwODYwNzYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTUyMzU0NzAyMjEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzOTYzMjgwNzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZyYW1lLmlvIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa625d7452d0e82a70000000000000000","13":"0x6fbb6c39ff2604d00000000000000000","14":"0xc79a3399dbc8d8da0000000000000000","15":"0x8c3d11181b97e560000000000000000"},"debug_key":"6042699304253755302","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"2416521414394834279"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame A4EC 		1 KB
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame A4EC 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sat, 09 Dec 2023 10:12:21 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
DIV4goEQzOeQvDXHgXRwoT1sr8gvM0yl1_V4zQOqbxLuh1CpWJVKvQ==
dvbs_src_internal124.js
cdn.doubleverify.com/ Frame C3F2 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j4j0u7Mu8_Ha8r50SODBS_&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 07:41:53 GMT
Server
UploadServer
ETag
"36b6087525da09e8974d3f2aa1f7282d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19649
Expires
Sun, 08 Dec 2024 10:12:21 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9537 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
224866
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame C3F2 		1 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_747874036926&jsTagObjCallback=__tagObject_callback_747874036926&num=6&ctx=1828362&cmp=115752&plc=4398657&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=747874036926&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&turl=https://reurl.cc/gaOWLp&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j4j0u7Mu8_Ha8r50SODBS_&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=9&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaubb%60g372bc%606a%60ch366%60fd7%60fg6ea%60a2e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=9.90&callbackName=__verify_callback_747874036926
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d3484f6294202e8f55486ecdd116702849ab075f1e3a182df8a4d06654aad425

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
12/08/2023 10:12:21
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9537 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5613 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuzdtvZ4S6vY-GoFcOUx9xXyhm_HKnZV28SGqbl4_l8sp9C1S0UzVDfoHJDDlWSiJnw_XSyPiDhFIQuMjCn7K_9IFGyawnbVDwZ4Wvfin-J3dPIUcmsnOPUjP6GYd3F1Jd63LHWfh48pZ3OBeVkxiwJBUUweCWJj1ft2LxJkkXV1RfbnY&cry=1&dbm_d=AKAmf-BFTlunqv0djHeGuLYdUAtYWqS1wdTXn_0MAM4djIZnqrUwP5RteEMHcMj5G0WFXo9HJ-l6WMH98Dk_HjIE_FNNud1kEkJSlaRI_2ujsv9jGXP8YdpDyQwJm4P-BztdU6ioGMqbPa_jB88w8tzKhv5W0yhdnfHIQvgLQAhvQKDM1eugDu6YmOioJhHbSfpV-vUUIk6fregn2t9VP9tpbeXALpGRdtlsUsNfBui2dUguqaNNzDcG38g1lmfaPXRKp1J8eNZiEMvGgoi_vMnxvEg1MwDBSk9UYkzEt89EdcAvhtKp9_9SVPqWBBrTZnm9lNn-954-SWPxOtI-Shl6P5gb-l9DsH9VuFIz1Hy4UyckiKW9D2E1t_neuJi910fIO9FG8C1tWqrs2RfoRmlBGvMKbpOC6m-ULzVv9nC-M0X-yc4wK82aBHs8rlsCAC-zyz0NvTWezLb6ZscjMx_prG5hEXvmvOdahedicybJJp-_StSb2ey0JgyUe4HMEA-wFry4ikrEWdh-vebiGdoAOfuKNukJhBSVppfVQG6Idi0yM1_qqhVsO0tpk-GYXn20FPeESsjdO30K_Ky-RSfB4j8HVJjvhaOxMYWJiEohvOT1wgKKxMkbTl4UsN08DLmk3bLIEo6MYD_H6ozhJQlAhJUjEBD52Fj-V2kcnotbCmniWamuF8LPFDfob1952vC7OHqNSsWPhsZpBOkx6SFMROsFnyX2M6fKyANfC-Ure7H2rdDGne2xrzqdOVcEJXmTQ0KPHC2IviDPG-oxDTTbSYfZ7cRTNrwPb0QDigVSwbfzrtKMW6hf2UzMFxGBUce7ye9EBJWQ3lF8lMGNiMhgyGHYEUB4bFMzjdDi-oIXv36hSrTOGF5pelsbQhQdDcx9G7tNOyp1kjKjWnMMMtTrRGmiycLcxGe-YyHNs0SydTTtAG4cZugyIhuwaIhUSztmTMFf5pw2O2XbhpyRT2OU3lTjZFMykrZVdaic86oT7X-jGaQx4-XhShXb24_AuNl5pzdd8AxtZvJPIl4cC4K-6jzQplJJavxlyGUhVFgcaNchFksLjWw6qad_X-GIfv9MwdWyZbx8kV3dxUFFx2TlTT6QOeJuYEtRY8aSpye09fP-DvwyAWISq9feuFb1k_xInS51vcTmbAs6ZNWs7tUSPg9WCTsd-vKhBiCAD-D0fKWPhR_Ggl0178y7XA4z2_mg5bmqKF0cD_ATjdB9gWvB2WwaUmHAuxsp6UHb6B0UKKE7kX1s10TgRatFWryE5z-R68MUOrHzRR8utcnR6tMXJCtOhji0zr0RvvFvm0_K9uAQAgenWt8RJ5HDKQZlGPnsV-sa1OxDNc1Nnb_jbj7l8beOcY7cVTADRWebPO1JrDwymME3NGpyKXE2xOhg57mRDCICTVS9_x8OotaohmmPS_TSculX0-CO3X2lXJ7nYIrFvYI-f0Qw8MU8Wtr1pZv7PKYzJK29Mx8B79r1q86PXmRJpyfP61BDQF34rOg3zYxHtu7O5WF7dYgx_mKZ3vjMUKhTqtzGOrsS8kpjq_Oo4hjs3JxkHTmdCteahNePVbGnCccbB2eVjLqnINySkLBoleCuv0W75W4TSQYAqMt04nsizWWd52ootDAiC_-ieG-tZyXbqPraaMxe2J7CwkhqtCHNFWTvd4gUByuLhwIDejw8MpJ1S5fs28tPiU8yVFdTvwplhEbGbk2W1BfsMBbE6XnATGYEGdcgfjbVC2zXD2Vz7qv4OhHJQW2aQJX4HYW319DyvM-HjXCl5IgRISVC9F4l_qIPjPqSHzIqUAOnYcLdIqlvDgOOMNBG60ZNpzN5OXCKroViCAHpBalEjsJSaP7W3tumMSyCrmDlERCNy29N12rXNbMpg90FkVrxJ4GVXoAl1tLuWKJNgnUnrym03h1o_OVEWvkvx8KmCk6ZPyZyrtazkOdLSfMebv-3OzkYR11SH-SINu9W2caHU4UA2wg0SzMs6I1MgUW4TTQELwEXPbp7wmGs67d_MeuO48CuYtw7weIBDUwFIRHN8uZEzN2VgXBCDG4lwnUKYsvqmkirdaQ2BVgbJzOq7A0tk1JvTG7-eXcp5MtONwKaYljJTdKuQCV6Ucl4m2iQSmMDvHkUIUPeNVMP7E0M3fk1Uf0OiP1Fra0yyttf1dzHwpai411CtBbsWTUOAzeFUikEuzvxsNOPjRLE2Yga8GXXn_v2iZnnfijJHU8JtC5mVxsKJ06rDQxn9d2NwHFb9oR5XERZkQeuiYWi6wXkNSNCmowfJXlrt5xcs4wkNtlbtbacJI3P4-Q8Sr2XPVDzBkgG0fXDq59OtEbbhXP47Wn7OTkorqFjOqzaE_y-sqK1_5LZL5oJKTrgvBtVbylVQ4-h-wniR_1jVGSJBgIgPD6UIpV0bDLo3zVnNhXiZaG4xEkE4wR06vuu_CsVjuyJbPsNKuixFxef_Cqjx8aJeFTuUQSm-rpDabVruurf15GjOAY3bcnMfOYMSR3A5voJaO9xiEiZsod4zXvtMgwBoIRW0XoFDGWANKQg8b82SR5IbB_b2GpkW4TdniAS-IqANrdUT_3cBxhuPyOkGbzNYU5CInHoTIV3j9_MnWHjHv1is95cICShWo1yBuBYw0_gD5dR4BSds3IcHDIzhqfJilNKqmZt1Lx_luVKC6YK13dSGDJsOJ54K4fww4ZFrIHuihHHdpkKi6mLEsp3HaCvHI-tzsGDHMo3Tf3vWXv4akHdWspM_N7CeYDmT-HTS6ld_zs34BobH7xjAx56ke0C9U1Arxnk5wndp8SV6NUEuwjpJQySDorrHdO-yCjc3fCc1x158y5JYXS6U9N7VS5nw494PHLkxwVJ0xihdOE2RaVaysH8TOsfkW9I8xT4wZdkztX0KHrJIo7b05jRtpuo8wxinY4YEEN3HqnMpxa-mjvfaGGGKDilLlmOqcc5S3HKiyrllvPqo8ZCGQkb8FahXI3TuvfFregKn7FA8kSLT3wyR8jLxkTSH0VgunIdaASfidFl3UkUDW2lsre0PS8yqceXGMQ_G6a39E0_wYhvjXjUwW349v561UF8CnWubCXGMXtce2vK8uvMGsG2ZOVuRHQwOx43rwbv9OL0nwahYhVELp2y-s4lVzImmW4dGVZaFR_I9wRliTfqhg_BHL-wW_IB2n9czqt2Atrt9Zav1CjreyCzhta2s6NP4r3j4-atBT3WrxncihXqjEzl6khVBi47exoYwStIcxfQRWI3k7rq2f1Sq2G30zgJT3PWD-4mQAJhn-k_D5D7PfqzlswQWtl1F0sn_ASuWciEWT9BCHnfVFqKayBhc2Lu2_Pk5EPhqHBtHCSyEeZ74af_Djk_N-ebuV1eErCNWf1Fr2CxJvAdHY_Z6TWXkFH9qrjdlIbwX3B3Z_HUsn0vEVJ3iNlD_UQOeXG_qoH765B9446DbtxdyF1fR3ITjIuqIBdrVwYr2zJOQa24gcBHrolBVCNyWdOJXfyOsDmgMp8L_rVwNUMfMifP4xzyX5Yj9KL6hk42WfIrTcGir6WN4IkZqZPLk_T1iWkw5Nmy3qHzIVSBh3fQQ5AeRHzrvCZBAy6M1S8uFtY3Li8ETA9ZqECF8ivAzZBqkj1wsnvS7nZJEmySDk5l1CQ_PUQr6SzHVzdl-8c2tA4sJMqaqCPTJoryUXJm0cgAf4n4TGzmjFHRY1c0Gc9GXMamySYC2QyfxNQ-EZ7NJwOsRwfnbidDpRAVwvL8mgqogdv_RG7EmvfTQIlMFBcWB0b7t0OeVBMqw4t0T4ELAbxTM9yoGrWyVeOFwk7HJwlLt9Td7Kuz58kOnxta0WstdVEzjXEIZwrYm9y54uC9Tv6Se8zxCknDfzmxOf5xqoA69hiZE2s4DW8NtksS6r8ZL6tGx8AtC-622P2AD2fxgkewwNWyDqiDOcmcjz-76RT_YXTA-PzBQaoUi_CPnvpseQcLeDBl7xKEhy3gJUcQdW3wlzeBbjBZ_mBvXUasFYs_1Sw9xib7VpWW9TMdsQuY79DlOkJzBw4v52Z05-hKPQCRMSGCE_rjMfPB0wymrDjtSFy-O9FRaBqtHynOwfypQ2PC3-9-ZUFCFcV4NQhjPRJj-9B7RVIqglCEDli_KjJr9ERazq-K8Wt9WKmgikxSBszERKjeRQYW&cid=CAQSTgDICaaNKHBoT6qmFUhT-uaMcwM4Il3lj20dEDcUJebKsaKow7HPvPLk3YKI5y8t3Fy5jeZoY_G-WbY3si4XaQ14WJfZvwr_vQUpL46acxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=6560775373199426000&adk=3047537734&idt=148&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
329036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjc0MTQ3MjU3NQogIHNlcnZlcl9pcDogOTkxOTYwODMKICBwcm9jZXNzX2lkOiAzMjA0NzQxNDg5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame 5613 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjc0MTQ3MjU3NQogIHNlcnZlcl9pcDogOTkxOTYwODMKICBwcm9jZXNzX2lkOiAzMjA0NzQxNDg5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODQwMjY3MjIxNDU3MDY5MDM5MQpkZWJ1Z19rZXk6IDc1MjU3NDg5MTQ4NTI3NjEyNjIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyMjQyMDM4OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzQwMDg2MDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE1MjM1NDcwMjIxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzk2MzI4MDc4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmFtZS5pbyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa625d7452d0e82a70000000000000000","13":"0x6fbb6c39ff2604d00000000000000000","14":"0xc79a3399dbc8d8da0000000000000000","15":"0x8c3d11181b97e560000000000000000"},"debug_key":"7525748914852761262","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"18402672214570690391"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src_internal124.js
cdn.doubleverify.com/ Frame 5613 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j-SJVhuAmHV8sjKk36Tirb&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 07:41:53 GMT
Server
UploadServer
ETag
"36b6087525da09e8974d3f2aa1f7282d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19649
Expires
Sun, 08 Dec 2024 10:12:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9537 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGzBThT10ZcOIEs75s8IP27Kh4AQAAAAAOAHgBAI&bg=!SkmlSQbNAAY3kmNgF5I7ADQBe5WfOPljZROO7xNnAvw7qK0TgINEdpxDqSmc0JlI5fGVwOtyDs71IySfvfjBONpC791FAgAAAE5SAAAABGgBBwoADft7m_t0q9M5DDR74C6ZA0HEuXIVhgjo3es8rmufpcD3TGcR5XFGeWkY-Xb5HIKBzDYDHYHMW7XF7_EKGosJMwAU2a1Ao28YuEi9RYycbqO1VZ9UYxrrmA96JTd7CrP06dnGdqSYZfpKeklLtCQ5XbKZnWQCSPZnnjQT744-RUprQ_MlPrbdAFWcZ9MVg2B4-J7mWPDE-zn4OQM7DWdnA1qq17GQ6nkR8wHszBMwgy0BP-G0DIlcwiu3gJXnNmvh_E6PT7ISWvKODSGBTGMylUvWqQ1Sv7tJ6bf8KYc9yJda4xEZSD6MZI4cOF-nVD2AD45SG_SVWtPF__rnibuYdl8PoE7ItqebXmAiOrB-DUVLMJ0Pd3_MTLun5SVrIxKW8lDYqq8SEHRe0FUJHl6L__encmONnrH_UBZtnC_CFRdhDG6EH_sh1kFlZDW1brE4Kp8yCYnR82GCCEdh3vnnK6GSCH4WWZEDjI1NzIoJ6sbBhGtYM5fzVUdt_2nX1NsDRrneADorWLFsAcMLzE-s82_mmQvKHQj6vImlH87b1xbgo9rufMtWz02ttYmkDegxYpT-EV6Z-zgNlV2dnOhQALz-0KrJeltJNPi2Le9giE7ci1pl7nW7xMizEZ9-SAlr4MNpjInIrGF3CLVg92ZGyOY13P0-bxD0k0g9VlgBMRID1pEZ53CroTk-FLSVcs5WyeB4WyfeX3jACc3fcujCpvXQ-7b6W3FMflui7vemmBnFJkXgBm9S4xYm5xuvzUfrCVR21MU5NfEUXniRyQS5ibnynvlC-u6Zl-mtkzQnj3IiUH6IQGoFgN6f3I8QcfMkvBpR8PyQy0zHgbG7RCAxXDlw5zkgOEEGWbwlIBzm-90HfPQuS1bWCBV_sMpamkkBUZqT0D-eT1pDyucd0CgxUXH5B6lsCRZ2LdFSz6eHv-TSSYxtexItVD5FHwCqZZuXyj2gzQqGqKwsZw5DpbX3Zk9BEMHBqGebnAHln3besOpZWfOwHaZijKIP21KiBm6P_-8TCziFK6mlfphbiWxHepY1YLf9j53Um72JYjwZjRpNxFZsSlreY1xbbW4sOjupbCY-Adkl87K4NDriniLhhjjGduFQd2E1aUQsf4BlHfDLhQ
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 269A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
224866
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame 5613 		1 KB
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_601537652725&jsTagObjCallback=__tagObject_callback_601537652725&num=6&ctx=1828362&cmp=115752&plc=4398657&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=601537652725&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&turl=https://reurl.cc/gaOWLp&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j-SJVhuAmHV8sjKk36Tirb&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=9&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaubb%60g372bc%606a%60ch366%60fd7%60fg6ea%60a2e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.40&callbackName=__verify_callback_601537652725
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
537ca7a252b652d62df215062a8d00ba452611e7c778a9677118f67014c23d1f

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:21 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
12/08/2023 10:12:21
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 269A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpRCy,pingTime:-10,time:806,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNTQwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702116741665%7C%7Cb9f54122b8565320b89c43dcdf777696%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C9d9362987d17d437bb7cbc01486a8f00%7C%7C7489ba27641ba8b2cff9e052b129293c%7C%7C4e3c2f70cb65ebfa1d0fcd960104ee45%7C%7C39c2fbfb33f94b41fdd78ffe5efd247f%7C%7C9652466f9ed21a5691cf10cbc8ccbc72%7C%7C1663701684%7D
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
t.ssp.hinet.net/ Frame 35C2 		37 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
2044cd25e688faf5e6dba6c7f7820f7fe1c96ad80178c2f98d2d64e3312bdd7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 269A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2Eb8hT10Zf_rHLO5pt8P8fKR-AsAAAAAOAHgBAI&bg=!6eql6qXNAAY3kmNgF5I7ADQBe5WfOPSY65zcVyXulMYESgdNF1xW5TYZiXg93Gu6YhlNFWWohhoQxrbvdVJB2NWCFYfiAgAAAHJSAAAAAmgBB5kDJ3Y_x1Hbo-GivNzziloS6vvZttL3ZuYZDwTYviPZjJol3LgZ-hihQUaJu8gVNRrIZszgR84XmNb9sj8qc2tPfZIeL7BKsMB3f1sNkXhAr80VqjdfOKNTa9yNQmsA3xuvLum1QItAJ2Kzj2_gofMuS5XnfuYIuEZ5dBcRlqYTkEMZ2Vm-Z1SpqXelKZJhbTMl16WMyyehWPV_ZRCHM93rGu3V7kJn-TCMc36_lKA0gyJT46dh6C2yElPU982Cu5DCtjQMD_iciA9PImzXBcsVCFywT0mwh6uQRHzx6mMRuV3SruzsVqI1v_rN8ZReHE1HG85dMIDm9SNA9Xmxbxy3m_LSMl9VIP635SPxSWmH-qzbu4bEWDxYrP7l8IeDfKhRg0Z38aIcjBIuaWAOH7udzDLCzg_MlQ5xOYhN0YsS_NRNeX6xEMzzx9m6Hw7IVlYxpkcSqSJBh1DCRVAgdHAtVG6YA3uO8_0bmv-Q9FiQAF587uuP-4sTUBXnlq67PjUYancD3WQlgvGedFve-JBXRSzxmNoYfsVC3DMfRjvTxP-cxqprAPUaBprEWy0H7-Ztlqh7CcJ344IwFWCLgHTVdANbhF9osUD9LmYH18aDU9wfnRoATLECbc7Zt7EKKU7Lr3BzEO3zrI8GbwvPrM-f7Fwk51RqWdyXHOvks3zuPy0aPHx38yfKfEyhgzKZ5tywP16SO2vjUtM4xTsU1TrKBvLhBj-RX3vHFF3tcfUeNM05ivWNmW0oq3-a1DzD-V7cQNKYZwOaE8_ksH5B6nHJzBpSrOBWR5BW_0iHGeZS3oPdUupYRYgJhth84GkzIGyQcKnLVNplSqtNM1U-RFzDDFm6-1N_Wxx4i3lRPlU2n-wYJlvYOYnsWRHjRUedU_RN8tYKiVOA9ZggD5asUPyzYkJdSTgjLgvFULQeOKOI36SgkZw5MziEmjslK_2lgE6G9Sq1MzCtZRmB4007dCP0wsyo-hzJ55B-qVD0eiLB1OWqIDJ4CRieDEotidjledRzGn7vjrQwl3wMzpFHZJOWPrRPCvmJWeCqYtSE1zUw0pO2i9WOpq2kCw
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
emome2
t.ssp.hinet.net/ Frame 35C2 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=924b0039-31f9-447a-a8f2-b8fe9f40517a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
dcmads.js
www.googletagservices.com/dcm/ Frame 5613 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:59:19 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame 5613 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 15:44:25 GMT
B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=osxagj;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5613 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=osxagj;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=17;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
206603377c2fbc79471a97b70a798c665bca41a5071204b7e913e486287eb959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30675
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame C3F2 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:59:19 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame C3F2 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 15:44:25 GMT
B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame C3F2 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=9;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
2c817cf617e9c30c5ac5155ba074057d21b06477fb0a3fcfb9152b967ac019b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30914
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpRGv,time:1051,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1044~0%5D,as:%5B1044~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:183,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:19,sis:426%7D&br=c
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:21 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
fbevents.js
connect.facebook.net/en_US/ Frame 35C2 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 10:12:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vNAqaxwo4KV/Lin+GsvfxZnzecmoKY8N1cM9neGGJh57GGybXnbOcr+OqrjIIN6adVWk9dct65jwGLCXpsi+AA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 389D 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Dec 2023 10:12:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vNAqaxwo4KV/Lin+GsvfxZnzecmoKY8N1cM9neGGJh57GGybXnbOcr+OqrjIIN6adVWk9dct65jwGLCXpsi+AA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 5613 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=osxagj;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=17;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:33:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
49159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 20:33:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5613 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDjCRyhRIvGBa7d04g_E2_KXaCAgk7GUn04NV11Ps_xSk_V8TOI-0sWGB9nxFr24UqDcTd2wVt5Z4zD5UkgMwErrEZATcPGqwfMvqJcqMgiFoysPTWwviXxmNplDzIkAKJJVo8Ne2UO7lBlY5QQKHsEPBj4Q&sai=AMfl-YS-tr1zVs3dG0o9XQSXyx6mw5TPkY7Ltlmuz_efWriMrwR5wzvI3w-59YnrEcejD5oyhVqVqCDXSLFKdWd0N-9dQvLQ4GpaMWECMA&sig=Cg0ArKJSzIqpmAZvDeqpEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231206.36287&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=osxagj;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=17;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5613 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=osxagj;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=17;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
329036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
12224131752392196093
s0.2mdn.net/simgad/ Frame 5613 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12224131752392196093
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:15:44 GMT
x-content-type-options
nosniff
age
50197
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147304
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:18:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 20:15:44 GMT
dv-measurements5084.js
cdn.doubleverify.com/ Frame AA2F 		424 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements5084.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:00 GMT
Server
UploadServer
ETag
"c3585554306d55af8af83ddde3306ca6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102698
Expires
Sun, 08 Dec 2024 10:12:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5613 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDjCRyhRIvGBa7d04g_E2_KXaCAgk7GUn04NV11Ps_xSk_V8TOI-0sWGB9nxFr24UqDcTd2wVt5Z4zD5UkgMwErrEZATcPGqwfMvqJcqMgiFoysPTWwviXxmNplDzIkAKJJVo8Ne2UO7lBlY5QQKHsEPBj4Q&sai=AMfl-YS-tr1zVs3dG0o9XQSXyx6mw5TPkY7Ltlmuz_efWriMrwR5wzvI3w-59YnrEcejD5oyhVqVqCDXSLFKdWd0N-9dQvLQ4GpaMWECMA&sig=Cg0ArKJSzIqpmAZvDeqpEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=75&vt=11&dtpt=73&dett=2&cstd=1&cisv=r20231206.36287&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=osxagj;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=17;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5613 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:22 GMT
12224131752392196093
s0.2mdn.net/simgad/ Frame C3F2 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12224131752392196093
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=9;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:15:44 GMT
x-content-type-options
nosniff
age
50198
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147304
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:18:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 20:15:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame C3F2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=9;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:33:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
49160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 20:33:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C3F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2WkRgpiy6nwGtbX4iVA5Z2EVUCP_Ipz2cJtK-1mc4om_-aGPZ4RdL44UXGL80Npy-ZDvzCqSnv6WH1nLZjU7CeVHYqp_vL0MTR8mWz5O6CtG4i-JrP6w-dfJHLx26U8-iqcPR5CjTm2qxZh67nnvh6creoQ&sai=AMfl-YSYMiUKmnOZfjnVIHJUq0mb_5PXH5yerd5VT7UezMSoq3mHMJLF_56RTiDifBS-CKQ-YnG4Bvtat_bKR8I3XBVd_yv22iKVMJSaaw&sig=Cg0ArKJSzLR6EqQRKkvjEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.19638&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=9;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C3F2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=9;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
329037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
dv-measurements5084.js
cdn.doubleverify.com/ Frame 08E0 		424 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements5084.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 10:12:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:00 GMT
Server
UploadServer
ETag
"c3585554306d55af8af83ddde3306ca6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102698
Expires
Sun, 08 Dec 2024 10:12:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C3F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2WkRgpiy6nwGtbX4iVA5Z2EVUCP_Ipz2cJtK-1mc4om_-aGPZ4RdL44UXGL80Npy-ZDvzCqSnv6WH1nLZjU7CeVHYqp_vL0MTR8mWz5O6CtG4i-JrP6w-dfJHLx26U8-iqcPR5CjTm2qxZh67nnvh6creoQ&sai=AMfl-YSYMiUKmnOZfjnVIHJUq0mb_5PXH5yerd5VT7UezMSoq3mHMJLF_56RTiDifBS-CKQ-YnG4Bvtat_bKR8I3XBVd_yv22iKVMJSaaw&sig=Cg0ArKJSzLR6EqQRKkvjEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=75&vt=11&dtpt=74&dett=2&cstd=0&cisv=r20231206.19638&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=2228999106;ord=ibzayb;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=njF94-zqzJ;stc=1;chaa=1;sttr=9;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 5613 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf7c52d22ad6f42e3829d82f838f35edb70ca2541396ac81e50d0e7c862d48fa

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DCF4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
224867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C3F2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:22 GMT
truncated
/ Frame C3F2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6e2bd9d60bbb95105042f15104f1e98bf0321c60b01911e559fffbbc53afa98

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
visit.js
tps.doubleverify.com/ Frame AA2F 		699 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=122&ttfrms=31&brid=3&brver=120.0.6099.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaubb%60g372bc%606a%60ch366%60fd7%60fg6ea%60a2e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1702116742141816&jsCallback=dvCallback_1702116742141197&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=3&dvp_epl=209&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j-SJVhuAmHV8sjKk36Tirb&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=83252640330.93358&ee_dp_sukv=83252640330.93358&dvp_tukv=1450729830.54763&ee_dp_tukv=1450729830.54763&dvp_tuid=39442277035&jurtd=2786830425
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c2c3293a14f79b383984a6e7cbc83230f56f64860c09a6aa3684cdb77bb6a4fb

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:22 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
12/08/2023 10:12:22
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 688A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
224867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 08E0 		699 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=176&ttfrms=11&brid=3&brver=120.0.6099.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaubb%60g372bc%606a%60ch366%60fd7%60fg6ea%60a2e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1702116742272952&jsCallback=dvCallback_1702116742272772&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=3&dvp_epl=209&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j4j0u7Mu8_Ha8r50SODBS_&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=3028998370.934861&ee_dp_sukv=3028998370.934861&dvp_tukv=3561957715.9770265&ee_dp_tukv=3561957715.9770265&dvp_tuid=630511928777&jurtd=2093590789
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7eb1615cb979594d3f72752d31d62a3ca93e5b9622ee4b2be5034d540fdca994

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:22 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
12/08/2023 10:12:22
cm
t.ssp.hinet.net/ Frame 35C2 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=924b0039-31f9-447a-a8f2-b8fe9f40517a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net/ Frame 35C2 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net/pixel?bd=924b0039-31f9-447a-a8f2-b8fe9f40517a&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DCF4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
ads.js
ad.holmesmind.com/adserver/ Frame A4EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=913&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4202-rKaOSkl2jdYwOuGFKNm4O8BFEVDsh762&fp_uuid=4202-0d578ec5f470c55353562a7886850c79&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b38edecfa6faf279459e59458d16f69f3d4eea964acaf81f268b71c8af2e5bd9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame A4EC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sat, 09 Dec 2023 10:12:13 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
10
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
Bm1yirdFwwGTZlR-J2k3S-D03Ho3DidZwEKFMNYz97OjEspo67fUjQ==
publishertag.js
static.criteo.net/js/ld/ Frame A4EC 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 10:12:22 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame A4EC 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sat, 09 Dec 2023 10:11:29 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
DyJoGlvw_Sb0Ex3peRNI3ZVAleAqJLcYHCMPqg2Ly2-I5-68ELuVQQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame A4EC 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sat, 09 Dec 2023 10:12:13 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
10
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
mKy_AKlg4gcve6vTMBqTDc3xx7-kuxG-WrIQcuymwXq6bhERDJutAA==
appierV2.js
cdn.holmesmind.com/js/ Frame A4EC 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sat, 09 Dec 2023 10:11:48 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
2-EABMp_kjJ_2TBIwZElV_tFE2OMc5IueuO6Aup3FXDCQGo-k85yqA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame A4EC 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sat, 09 Dec 2023 10:12:15 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
8
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
lC9SQL3r9rZf1TtDXuQSsdnKVVZuyoRHViEe_qLn3onamYqyqu4L7g==
ads.js
ad.holmesmind.com/adserver/ Frame 8A82 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=915&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4202-rKaOSkl2jdYwOuGFKNm4O8BFEVDsh762&fp_uuid=4202-0d578ec5f470c55353562a7886850c79&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
81c276588619f1c40eedff545b03407fdb29f28a7cfc34ed0e53979e03006ed5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
appierV2.js
cdn.holmesmind.com/js/ Frame 8A82 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
od5TRjQjjQSpmoCaRtOezjA653aWF9fO5rsCs8LDIVe9P9hBLxuGxA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 8A82 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
8
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
KAMoG80zuCzMK-EsgWP-WTwGtXGKuJLXWo28-yOOM_Qo6vuOnxEHfQ==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 688A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame A4EC 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame A4EC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.25199231937573296
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
f66a024262683368febb424cb6c22a4feaab9d1ccbff88b3c4ffeca1dc85f5d1

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sat, 09 Dec 2023 10:12:22 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame A4EC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=NTCP2zaKCSa2Mkbbhj10ZQ
2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=NTCP2zaKCSa2Mkbbhj10ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 09 Dec 2023 10:12:22 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=NTCP2zaKCSa2Mkbbhj10ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame A4EC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=w0VKy1j-DsG8QHG5hj10ZQ
2 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=w0VKy1j-DsG8QHG5hj10ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 09 Dec 2023 10:12:22 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=w0VKy1j-DsG8QHG5hj10ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8A82
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=GTOAGw7cAq6SzR4Ahj10ZQ
2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=GTOAGw7cAq6SzR4Ahj10ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 09 Dec 2023 10:12:22 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=GTOAGw7cAq6SzR4Ahj10ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8A82
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=2_5WDdSIC5iWIkrEhj10ZQ
2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=2_5WDdSIC5iWIkrEhj10ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 09 Dec 2023 10:12:22 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=2_5WDdSIC5iWIkrEhj10ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8A82
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=bCbRDEwvA7qrEtDYhj10ZQ
2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=bCbRDEwvA7qrEtDYhj10ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 09 Dec 2023 10:12:22 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=bCbRDEwvA7qrEtDYhj10ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8A82
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xsZN_TkhAlWfkLr0hj10ZQ
2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=xsZN_TkhAlWfkLr0hj10ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 09 Dec 2023 10:12:22 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=xsZN_TkhAlWfkLr0hj10ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 036A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy91jb9vZKrUhAyiOdf1Qlka8Tmqx2WQFYmTpzUDaxlqcKR8VEmSfkQ76AAsnMyotoba8-C3DmqbZEDV7B9fF1ahcjPbOuwQ2NaLJT966pI8HKgEXwBxABgnKV7w4MbhJvfYoSAPHNlw&sai=AMfl-YR4348wjplwnLX9zSN4S8BeksFNN8GWD2SXB6Q9jCrmFaREIpQXqDMkO7DhbXjWU8utQeQsqWWBX6b0jfRBYNgt4iDsmghXrc9JTOZOqEftbjQE6_fuZ8I9FnLL0BU_U_JRbQS8baw6JGN0YCG9-7d_lIXDWcxz7o4&sig=Cg0ArKJSzJ3hO2MfDoUHEAE&cid=CAQSTgDICaaNedG3SnRdOn68dc0xt0bz0eZRPEGX79c8tiPwcj5yqAynmlJjRCwyn0uTxV7VlxTxa0P2RJTglHgHJiLbTvMzk3owLrqA9KKsHBgB&id=lidar2&mcvt=1026&p=978,1352,1232,1652&mtos=0,1026,1026,1026,1026&tos=0,1026,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116740587&rpt=841&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame A4EC 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=913&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4202-rKaOSkl2jdYwOuGFKNm4O8BFEVDsh762&fp_uuid=4202-0d578ec5f470c55353562a7886850c79&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sat, 09 Dec 2023 10:12:00 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
23
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
8zsbJ3XyiFzhUY7pzQjZuGRSr6cHf2kh3ZmMIjVouK5vHw2C7pahdg==
drawV2.js
cdn.holmesmind.com/js/ Frame 8A82 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=915&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4202-rKaOSkl2jdYwOuGFKNm4O8BFEVDsh762&fp_uuid=4202-0d578ec5f470c55353562a7886850c79&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sat, 09 Dec 2023 10:12:22 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
23
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
mS-F7XftCS8XVNC7WO9aSfnKPx07Jya78XspcD8lE3YNa4hWix_odQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 9050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstabsVpSNsTDugTYNWx1fk1tUAKJXzK0hmn68wPwZlCABOwqzg1pXNbsR7YZ8RHR5uAwtDVgLNDC_pqkik6eSyAq-QioaQFqckbqh-3BN4zC9vWad7k7bQqrZmsPlmGtyctTMOUjkwKwf8Z-hCs96l8-9AdfFXDhczHrxdB7CVwC7R_poqWl5fRYBCCmIbqnzQNQVxeDNpEZTB9VAR5tFrmCkdhBReX6rsmevZupPn6myJumVZjJunFWH13tH_30LO47reLVwzV7r2S_YjBTPR6WjwcFRSmTyjLfd6jV_G4h8ZIYXtgxeTfhbndW1ol9ty9DVsPprJV8NTqrvQQg4RVHQ5a87L_YNcAFyw3u9F58tooyGjuxOmArFnapWAnXso&sai=AMfl-YTRE6QnKFq6-Bn_whHt_Cv87kHVM2N4jYbC9wO9NstN6fPO7R3rrqGc3JokNWL3-hCmCU65PPgvbEcDCHAJdCEepJTMP1W_yJCxv4MPK1gYunE8CVoJroApmPoX16_SYS9VhviUr8WlxqWBQFdrsHLsW1vk23q1NztKgA&sig=Cg0ArKJSzJrHndEs5dhwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 10:12:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCF4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJPDShT10ZbqqNYKRpt8PwcqE4AwAAAAAOAHgBAI&bg=!QEOlQwzNAAY3kmNgF5I7ADQBe5WfOER0zAftmbKlQHhm4cqcE9Kvc7DgnAJ7ThQ4-VwpFiY_HbgrnVrDgdXYJkk9ctsXAgAAAHdSAAAAAmgBB5kDKREsrWJ3oIkCrvRflojj3CcudlApIdTG6dk4Qrr8SZo30wN3yNGq6Y8GniRv30l_KrDp2rRZBz_EvnwU3m7vZeF3WBvvijq9WOkbMYaMcjcaCRwPiXZvGpQ0IoaL0G2GUApje7dq_qMrNP3ubjQG9ESgGuqXFPcoazFAOzKyhjpl9ODte-cnMjmFLgeULX82SWXa0hBswbN4XM0mvC-6S24dg2_26KUwd8vrng7ltjSCUNRx0EV2bilDTQbI5VF5zpgUpCJxeVJ7vuRb5RZRaw1YhMrvD90XDhLfqZKF7rWuhg8aoLrOhkJJMB-udpTNf54GIVbRHI21vPny3LtJmJL8BpFrNYDsQYJk6Hl092YEFSWWG8wNCoDSY8F42RdXr5JjiT9Mj8F6A_jpeHi_xuCX29WHB8s5JQchOA3x5AaGDTQo67EA5VYzqNjET4xJGuVKKxk2tRx3LqXtyo_yHrIYnF0TME7kRKMrp3vKdsrXr0cc2vgfGZFtflrBl3jgONG0Ixcjy6P8Pt9Uks3puWRwLXodjv8aiI7y3CFY9HIj0hAGYVVORHUjLLd80dPKxNS08j4SwnTvYaBpmDai2hDGmqw24hDfg3TBLJ10O1bIYFBvXkZf5JCOwiTH42QcYbl6MZARvsxr_CLXJk1CdxEaSTuliBHUJ_DXxhZfvIjL43_1eYE8Qxr7Wb993B86k09eLwnF0bvl6PcdZTNa-6ijGAxRJJLe1DfiqJjHkdI9fQUv8JUkfX-JdR6ut38hdfcn-zyqpqezqA2-JKEOVfIb6hNq0AvkkAkbZ8ZOLYYS7jRrtkG5P6HHqHbAfZCkEi-T3LB7lgwqvkvWoDilOsqUHnAYy48gV-bZKlWIJ6SceE2vyzRCFLGP9nnn_ox5fomHcKvDENGBhz24rSpjGbJoE8qOY586fSlWLMFyET_v47dBclgMmNZGGsemU8YL0j7ygJz-PlfDkURXZrCDIvhLfr_nNmoOZuvojgAiiYWp4UmaBDlPDxxtYVUXP3kBxMBCA_MXjzfC4mZBie0EtZRGhycwP--g99dkt5Pm1HCYyMkFAZkpPDS5
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 688A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bsc3ChT10ZZDeN-n9s8IP546AqAEAAAAAOAHgBAI&bg=!MTKlMn3NAAY3kmNgF5I7ADQBe5WfOOh9vAg7XNB48-7H-jsK_H5XEsiMijo8hXj4nE3tr_TCGj5ozfKRcBRaVyB5ZwD5AgAAAGlSAAAAAmgBB5kDIEfDcBTStBE-R2KBXadYQT_VKbRVPXSaz1yx2DuLSfASiPFXk1Q7lHxbFZScFdWBhT5DvDnDPflSr2nFzkWEGyHJlPpKR43hEr0bK1xHEICruPHgPpnQdKCsFcpRcWPhOiFMrGFnntubYGAvXUxqaEgakdHl3aN34Z2dpcxZCiJSDDtXqa6UPxh_E8Q_fTZ0yET5r6y7EDHF987eKYURlcYkrxTHvpU75w6eF2mWSOu8uWaXdCoPy5wkrOdw5IAW088ZHNWF7MxreH4f5qDUJaEcybRVK-GjZo3-TTb4muGopp-OwbqGAbFFdyHOIP7sYGyFOjz9n6sIdieJcaNk311O4LR325kBr5ldvM6FDIZ2ocVyd3E0LZGJSZm__Rl8rCyTQbdP7Zre7Vf9fMilS6WvKrTAf5-iAUe5q9pK8OgY_f0HeRaZIeArkA6LKe4rATUCd_iBxwaA5AszCOdAopwoEwfcFyQ_4xpzL1q3--U9Fz4DOV6uFckY2cAWmHAsfgFGZIY5V11Hs-3dSa7MKUehEBZA-UFHPxD6OkmaOLEFMewkm8juw9XGzgzlfK7qZ7Me6F987DBOaMy9DCPe3KaioJRvE4KD06-GR5kOYAEFJLV9WO-87qPB7xe545DE_ZPWsXwIcFxwJQDK7s-UB0dsfBs7MFP8-tBITseTinaasclx7sI2dISKMdNJQIZo2gREvhxyLk_TS02zMnEHjpsHy-RDsn9CYdCR4XEobK8d4kplAvlAE4OR6eRVTzrn7mCNlc-XaIvJcEWiyI0O4BCVyHyAMDa8OafoF76N2Ll9O7QFmEFG1_stmrbaGKdPAv_UAlWDl8Ir04f-20Bs0zxk7IN1BjspHNnHoz4JjjSXK4W_LNx-E9eWDWU_ZJPN9cHRqfpy1jMB3szAOsi798KGp7oU4LTz0ECSJA5uLvJF7YNgjT9v3c9ffztaQiudif918QU4lpANjitWjr3Vnwp1CvdOuc41nyzXpNsOkKssUuxvtVifx1-ynVxolCvulMTGozf8BUI-2j0sSUfIsUBIS9PItVc639-dkBDnerAz
Requested by
Host: 3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
URL: https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.js
t.ssp.hinet.net/ Frame A4EC 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 09 Dec 2023 10:22:22 GMT
utag.js
t.ssp.hinet.net/ Frame 8A82 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 09 Dec 2023 10:22:22 GMT
/
t.ssp.hinet.net/ Frame A4EC 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4f857826f81d25c367d30efd8fc55a8c02e62a78db2c54b595a961acd0f5c628
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 8A82 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4f857826f81d25c367d30efd8fc55a8c02e62a78db2c54b595a961acd0f5c628
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame A4EC 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=uEUWuF9JTXF3JTJGODBmRkJzVWZINXFocWx1NXowQTZWM1dYcnhZSFBrWWZVVlJxQTlzZUVUVUFxUFJxUzMzSG85QWdkYWVWaG14TzhrMEMlMkYzcFYyNnFXZiUyRmxDRGxPdlklMkI5QzRpODlaa3ZLaTNvTTExcUdZRWRHOVltR0QlMkY0THc0ZDJtUndobGloeU8lMkI4THZWdDZSZWZNMVBHQ0ElM0QlM0Q&cb=21025303770
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
emome2
t.ssp.hinet.net/ Frame A4EC 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=924b0039-31f9-447a-a8f2-b8fe9f40517a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
Live_Streaming.js
cdn.holmesmind.com/js/modle/ Frame A4EC 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
X_aLocCqsmqPAx2U1E3_4JQDn3OISwiD
date
Sat, 09 Dec 2023 10:12:19 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Fri, 25 Aug 2023 06:48:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
4
x-amz-server-side-encryption
AES256
etag
"d51f4efc881ddc4b5200ee509878d138"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
40584
x-amz-cf-id
DQLSlVqH1f1lBK5XTjcFyfrkY-WNaw3pe91CEv9Auas4tPOh46Yxcg==
609a296ec62f194de981d39962985aa6.jpg
cdn.holmesmind.com/image/23000/ Frame D78C 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/23000/609a296ec62f194de981d39962985aa6.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e76120de695e8ada80fa020a780e36ffbabe2d750c1dc46d4934545d11aa8c81

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:43:20 GMT
x-amz-version-id
nUW5W2sNukKkWhE6AludKVT9BqfI6Fi3
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Fri, 08 Dec 2023 05:38:18 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
5343
etag
"0e8a4fcfea83f153c3cc31c3043bc3e2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
23525
x-amz-cf-id
Vwlhh9_YlXfJu1rc5ByTLMadDITXewWTp7dkQ91TEc1ApXC90rUMUg==
ade-tracker.js
cdn.holmesmind.com/js/modle/ade/ Frame D78C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date
Sat, 09 Dec 2023 10:12:03 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:15 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
20
x-amz-server-side-encryption
AES256
etag
"cc88de770769cdecaa524a5801120c78"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1646
x-amz-cf-id
LtAV-0k5FNG9X52pQ-F2BzitpbbTQTcJrBBX_luCGbJRX-mW7kJ1Iw==
v_sdk.js
cdn.holmesmind.com/js/modle/v/ Frame D78C 		192 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date
Sat, 09 Dec 2023 10:12:19 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:17 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
4
x-amz-server-side-encryption
AES256
etag
"8644272abfaa44219b2ed3d118b43dbc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
192
x-amz-cf-id
-weZrx3VEmSNGbP3qG6oFwhHFPbOvIISZLv-p9JLWGDLQ3FlRAF_yw==
sdk.js
connect.facebook.net/en_US/ Frame D78C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b50ba7cca50fd61ab72172f422203982d913084cb5f50731e79cd82aa00ad621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:22 GMT
content-md5
8xruSJLeF4ueOyPw+Ow1/w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
rOaZnzIE35YTehJZS7aqBgMUbVDHWg4ADkbFkZXgwZWtCi9JCwKi5jLukx7MnCv5IRXmeBphSyUHDp9j+HwS8Q==
x-fb-content-md5
79bb9e54fa05ad6df63f92f2c0bf9a9f
cross-origin-opener-policy
same-origin-allow-popups
etag
"b1e20c0b622033388a288df5279d6a89"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Dec 2023 10:14:20 GMT
i
ad.holmesmind.com/adserver/ Frame A4EC 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1702116742&p=14210:107138:202675:52c5024e641a9bb0643f96f693474ad7:23000
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/png
date
Sat, 09 Dec 2023 10:12:22 GMT
server
nginx/1.14.0 (Ubuntu)
sdk.js
connect.facebook.net/en_US/ Frame D78C 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b66a5e96315503119dc4fd44a11a6a1e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac0bbdb325a55aa396c1b2c24b5213bc7d05634d182abceb6ddda30042e2373b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://reurl.cc/gaOWLp
Origin
https://reurl.cc
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:22 GMT
content-md5
5ter94zajHG8edW8UvtOlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88320
reporting-endpoints
x-fb-debug
TXXJlmFc48UDhaetzzdFUKF15KphHrSF3NyXAhjhveRp7j5n7Yrytcri79kGAGF/njLx7r2bwAkxEuCLMCOKvw==
x-fb-content-md5
7e28fa49471bdeaf2f15018a0e5588ec
cross-origin-opener-policy
same-origin-allow-popups
etag
"713e630b28cd84088f788dd4d49a3b90"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 08 Dec 2024 08:43:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 036A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=593517642411&version=m202309260101&ct=76&x=1&cor=8329352663281284000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video.php
www.facebook.com/v3.2/plugins/ Frame 1A93 		169 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b66a5e96315503119dc4fd44a11a6a1e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94eac0860820de05aadd6f3ba018554293cf27b11d11d0e6a0b0509676cfe9c8
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:23 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
sRu6HcS8YZ1b8WlRIU1+MaxyVlFWobjdzxadsQs8M4hMV/yCEeA7rFh5YeipahekX7+rNRN8V9CQu6TOkdfSGQ==
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5613 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJtpunBQQj_avTZxXd_Y7B0HmA6XiPwdjuXYiu1JUxXVrORZh3IbC4jzzt70krTgkCCX_-QP435nv8FRKvjRvfjDyU58pCBvH0mcpw_qt2bmlkX3_He6gkECAVN0O2Z_RdPyIFJyUlmw&sai=AMfl-YQRfSNmyP10Eu5ahKePPArk01TLGmQuaIjowJnfnTr1YZ8f9JAFpjwPBrVypypYf4B-RNjTr2PoYBA44yCcA3vSKQEk0inR0FsCcJcmDhG7XGM-1PKUYv0mm7bKQwkTr8dQ0I_ggtZM6ZGu1TFxwZb9AhkS-rOy9Pw&sig=Cg0ArKJSzGcBgGFMgIE4EAE&cid=CAQSTgDICaaNKHBoT6qmFUhT-uaMcwM4Il3lj20dEDcUJebKsaKow7HPvPLk3YKI5y8t3Fy5jeZoY_G-WbY3si4XaQ14WJfZvwr_vQUpL46acxgB&id=lidar2&mcvt=1000&p=108,270,362,570&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116741053&rpt=959&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5613 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLqax4Hu9NMkZQYL4m0b-ULOTg2qfgoFOZEcpGN9ppPN8B8LGKxNAdDe3yUwh1TsHl9mv1KDH12ci7rH3NQvMCNOBwWhspWDfrTFd6bmAxcJvmNkRAoRgn1w&sig=Cg0ArKJSzHMsfNaRld6fEAE&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3047537790&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116741053&rpt=964&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2251 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65071d12565792e01cf791100265d862ad777255d547046225ae3a2543c1acb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30288
x-xss-protection
0
server
cafe
etag
644 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C3F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGJbsfOA_Q7jVrITL79_0ezgsLNoaDhG3l4gUQDpn01eD3g_rKuIx2vX5yDer63o9nh2qkc7TlsKCFl7W2hfpeaVXSgGYRLopt_7jE4_r9MgfHycDV-qMFFw&sig=Cg0ArKJSzDiz-u0KR3kbEAE&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2228999106&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116741041&rpt=1039&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C3F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIPzeLQfiUF4ZasTdE5Yc-LrxD-I_f-eKoYckU4t1kkbBFRDb9E6uiYzzAc6cnn5xfLdMovH6AVZehRgotUC-JP6ojv_1X4BhG9avBeXX25Axu3BxywF0aX3pT01hezx8OMDDuyqDMAA&sai=AMfl-YSJT0J8oqxCGzWNzPGsaA5IuuDX61RCBaYQFa6C41_nPmIsFN8n0Cr_mWKKZxiFrOJGM9P_OTO0duYlR-nNW2Om9LTHAp_5N3QdUKSMLoZ_rwyTO4OHxl1I0gj-bq74TCeeDr_2lkrTQfa1HlSV18Qo4zX4S-QK40U&sig=Cg0ArKJSzJeDHUu7btq-EAE&cid=CAQSTgDICaaNKHBoT6qmFUhT-uaMcwM4Il3lj20dEDcUJebKsaKow7HPvPLk3YKI5y8t3Fy5jeZoY_G-WbY3si4XaQ14WJfZvwr_vQUpL46acxgB&id=lidar2&mcvt=1010&p=108,1030,362,1330&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116741041&rpt=1033&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ Frame 8A82 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=4202-rKaOSkl2jdYwOuGFKNm4O8BFEVDsh762&mp=924b0039-31f9-447a-a8f2-b8fe9f40517a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net/ Frame 8A82 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net/pixel?bd=924b0039-31f9-447a-a8f2-b8fe9f40517a&t=50ef57&referrer=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame 2251 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
20499
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
events
bidder.criteo.com/csm/ Frame A4EC 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 09 Dec 2023 10:12:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame A4EC 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 03 Dec 2024 10:12:23 GMT
pixel.gif
static.criteo.net/images/ Frame A4EC 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 03 Dec 2024 10:12:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2251 		170 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2178604751381128&correlator=2727990180445008&eid=31079827%2C44807689%2C31079527%2C31078978&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D2b599f4360e322bd%3AT%3D1702116740%3ART%3D1702116740%3AS%3DALNI_MY1y_wKjlyEGtWMs_GZirv1Mbw_yw&gpic=UID%3D00000ca7c127268b%3AT%3D1702116740%3ART%3D1702116740%3AS%3DALNI_MbVON0B5FrP9WILzpTn7-nOIOaDbg&abxe=1&dt=1702116743253&lmt=1702116743&adxs=640&adys=358&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=vv065xqn1f2v&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=412506686.1702116740&ga_sid=1702116743&ga_hid=733106263&ga_fc=true&dlt=1702116743104&idt=138&adks=1212019568&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db541461647c28fb61f2fb64d440eaa2fe81abaf0758942e9d24af4b66e1ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50700
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2251 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
074c0c0958c69b63ea201e57c238c90dd200eee99667fea19c713fba0175e4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12246
x-xss-protection
0
container.html
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2385 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:23 GMT
expires
Sun, 08 Dec 2024 10:12:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Zb7qjlwFTG5.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame 1A93 		582 KB
141 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3357e675ea4f190381d0d4969e3af833e76d64fd9f37881b2e3229a537e51b5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3sc6f40IYvjADv8KUWs/Bg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
144004
reporting-endpoints
x-fb-debug
2pR+DMesl549NdZ0nRpJF0mPO2oDZpCBNJkJygIH0oA7+7fTuoIa0xaC8ib5zXK3UEot8uidiePvHiEgOFSp0g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Sun, 08 Dec 2024 03:59:46 GMT
Qfo55ay3XFG.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ Frame 1A93 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iFoyUyk7Swig89SScjaqMQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7084
reporting-endpoints
x-fb-debug
VnrTdUpKcFO+w02DM+04aKQEZVOfUTCfEPOyvsLcI4oKmruBvEpHis2u1n6hIcEXKswDqdLUAgdnrD9xHZ7wOA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Sat, 07 Dec 2024 17:52:02 GMT
JS2LsxE-gw3.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 1A93 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Veg+9swSo/ybchlTfP+avA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93749
reporting-endpoints
x-fb-debug
GILntJGFlzWPcAkfpFiCETadOEgFC7qAmnMiwNYjd8KEFZ+OV7kRr8nHL5UYo17PGD7yFZBQnrEzltxNivpk1A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sun, 08 Dec 2024 01:11:38 GMT
aQFKd1NFgFT.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/ Frame 1A93 		90 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QxtSbDtVvcAOcE+ucrAq9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25845
reporting-endpoints
x-fb-debug
jO+fU1bq/xhgAakf9t7cqzRgLJyx+caiicp92I5iDsizvQRZH5r00j8PcRmluIEd1/z6MboCMpdrp7T5a6+7Cg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Dec 2024 19:30:20 GMT
R4PKY1p9APB.js
static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yx/l/en_US/ Frame 1A93 		794 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yx/l/en_US/R4PKY1p9APB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d20cf80322259d9177611df3a6016556c8ee1c7b56376805c15d449c1785df0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ax+Eeqf6bOR1t+1T9zWUvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
197059
reporting-endpoints
x-fb-debug
+dGqmmqGh8PZqsnYGFZ3WNfmInmB0ZW72qnDALaJM88JLDnbucXR7z58b+sBpoJyk+m1Hv0ExJh9M1G13H6wVw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sat, 07 Dec 2024 23:46:38 GMT
Ec8EdxuCpfW.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/ Frame 1A93 		199 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/Ec8EdxuCpfW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Lxn1hApUWOKiQ2EZomVAdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
51831
reporting-endpoints
x-fb-debug
UJkzDwMWPnFDYqheEr7XNPAznyyyvJ59c58Zk688LOx9QHZq+EqXVJspYCWHDEoEatXFZ7CwUYGQZDPX2jtdrA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Dec 2024 17:47:25 GMT
4r8pcxnOs4K.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 1A93 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/4r8pcxnOs4K.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GBf95XiiHK2guhZn2p/rAQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1277
reporting-endpoints
x-fb-debug
6QG21lgkZ/mt0XOJQi7Nsq9PESmwZUFpDgeN1PsqkGyDIi/+Am1NptsqK158G4UBvDdCc0HLgi5ZDlP7lvd/aA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Nov 2024 21:47:09 GMT
GzNi5UO10uL.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 1A93 		395 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/GzNi5UO10uL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
B82MgG1Xe8DJYm99WEr4Ww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87833
reporting-endpoints
x-fb-debug
e/v12MwpGcQe1wKAu6p/rCTUn0qx5AoPxcAkASB1H7w3urgDYIT45SCn5aX7x5W6UxFROpTGsvPJ3zBPtgNWmQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Dec 2024 20:12:59 GMT
w0yxjyrKD3l.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 1A93 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/w0yxjyrKD3l.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cg00sn1NB+8BxdHomp/EuA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10464
reporting-endpoints
x-fb-debug
hd7w9p73ruvkvc7ASty/cTwGv+SFhAp+CEBg9oBswUKw8Cqn9xX1zui40ogPZov4V2STSqiIO/lNdo0y5x+wug==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Dec 2024 19:59:42 GMT
406760998_691248259446060_2093622973448237517_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t15.5256-10/ Frame 1A93 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t15.5256-10/406760998_691248259446060_2093622973448237517_n.jpg?stp=dst-jpg_p280x280&_nc_cat=107&ccb=1-7&_nc_sid=869369&_nc_ohc=2PwPgeox4GYAX_RZym_&_nc_ht=scontent-iad3-1.xx&edm=AOJO4v8EAAAA&oh=00_AfBSjSzl4Rv466CKPs7K9BZ99rNJ1jJHzNzi-Ten0L0YOA&oe=65786554
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9ab2d0b1fd6ff343526a05199a2a3db6417076d5792d30f5ea83ccc29a936a3

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sat, 09 Dec 2023 10:12:06 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=387098748
thrift_fmhk
GBCfaEVXR2m1m+Qi/i0kkGM3FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
FzuJ8A_pqYHyI-uzebtZLwpFygrOdlj4iD03qBx2aDRa8N3RcD0edYfprcGOXRlQrPX_Dw2rmBXkEgAuvluQzzht5k4Vf8GQmo5nlXi1AjhFnKF05inZ0z0roposAMAV
cross-origin-resource-policy
cross-origin
x-needle-checksum
913173865
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
33424
369665612_266137682873346_5534008402912216860_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 1A93 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/369665612_266137682873346_5534008402912216860_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=MUoP-qGTyK8AX-zHWsF&_nc_oc=AQmBUIjDv82Be9a-Yqmy2j0Ry9FrbFb_ixABrgZ0mEpv5eS3OnxQGAS7vuyv9JyCLx0uCm35OjiJLPVGqZu3INJ4&_nc_ht=scontent-iad3-2.xx&edm=AOJO4v8EAAAA&oh=00_AfDiQy-WynE1jslpiBIPTNUtq4MMpCEkoyhIUppZ0AYI2g&oe=657982AF
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
197cf9f704785e690d950b4cb570004989336fa75540d555aef7e396db1f2861

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 22 Aug 2023 09:35:34 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=4066451735
thrift_fmhk
GBCX03v1adikMyRciVIllcr/FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
37949127
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2180
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2251 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:12:23 GMT
vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1A93 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
content-md5
9RIU8QDS6FQcM7h01mnrGg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4152
reporting-endpoints
x-fb-debug
zHMyKqcSy28Sp2xthRGD/Y/Yg21tSeJagAbem8To+GuOalz2HymvgnPqj6c57Usz/yo0MA9L9cZbSkZJgzz3qA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Nov 2024 20:18:11 GMT
369665612_266137682873346_5534008402912216860_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 1A93 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/369665612_266137682873346_5534008402912216860_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=MUoP-qGTyK8AX-zHWsF&_nc_oc=AQmBUIjDv82Be9a-Yqmy2j0Ry9FrbFb_ixABrgZ0mEpv5eS3OnxQGAS7vuyv9JyCLx0uCm35OjiJLPVGqZu3INJ4&_nc_ht=scontent-iad3-2.xx&edm=AOJO4v8EAAAA&oh=00_AfCKTKXkVp9KKmsgCAYDWwIyACIDsr2iuQM1x54QCHN1GQ&oe=657982AF
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c101c172df6fd1ea057115ceb1933d418cd7c0ef00d6932ad3383f478777825f

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 22 Aug 2023 09:35:34 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=60813200
thrift_fmhk
GBCX03v1adikMyRciVIllcr/FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
37949127
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1523
3_USCBHvE2b.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 1A93 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H4RWJCeXQm3W0cqxGvzvfQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7662
reporting-endpoints
x-fb-debug
cwwi5ONWIWCDLJqX14k71VzTSdP0J+GFWf1b2HB+hCJ1LFlWSOfPJ+ZsXqNhiKOE+ski2lkPS2VJC9Vk0KVVng==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Fri, 29 Nov 2024 02:42:10 GMT
TDpNj7olbQz.js
static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/ Frame 1A93 		724 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/TDpNj7olbQz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MeMa4i99MCmxCrMgT75kUg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
161882
reporting-endpoints
x-fb-debug
6SEACzL07iLFeMRPZOjp1+1LSsDqcACal+lmv2JLLBDvv5PwBV7cIRd+1zbXQFbmKpuPDSGxqh+ul03q8Z+R+Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Dec 2024 17:08:02 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 1A93 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Wed, 27 Nov 2024 18:22:49 GMT
mTbMxtm1CtJ.js
static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/ Frame 1A93 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/mTbMxtm1CtJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JrZuwm1IGLe7IQAoNDgKDA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6379
reporting-endpoints
x-fb-debug
RwC9bbMgxx1+BpkElfmyRjUqh4FUYuq7WljQwcKREAtlyglHZabSr0JPMyZwBF5MoVQsBJQmCtaPJTS1IiLoPQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Wed, 27 Nov 2024 21:12:59 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 1A93 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Wed, 27 Nov 2024 19:20:18 GMT
14huexud5ZL.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1A93 		349 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Mrpr55hdtBvcwKZxKOzblg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
69594
reporting-endpoints
x-fb-debug
Wcr9FDXKWcc35s9z3eKPaDyt1uJX9/8uUZbLaR7unZXt/w4dGL9JVp9XvWKn/d+T85Xo/2hVzFFBcSeMSSUlgA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sat, 07 Dec 2024 00:49:00 GMT
Xa-kykSxUdE.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame 1A93 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YWU4cGhOfIeDPjaHviTsqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6714
reporting-endpoints
x-fb-debug
E6dyPlfHDrsBdfVDyPBxkOA45wI/NzlFNnopUtHHShShqcSgtQMrrC3fC5uGVZoxk/eoqAklaWEEalhc1OVBKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Sat, 07 Dec 2024 17:52:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 255F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
20494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 08BE 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
912daea3af555c4dcf176909f65c32156b99ceba768aaf0419a102603b9a459e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6DX0twmi0D110CXJ9OAqAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6DX0twmi0D110CXJ9OAqAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:23 GMT
expires
Sat, 09 Dec 2023 10:12:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
326118906875223.mpd
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/ Frame 1A93 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCvASmJrO9ijllhjccNbu4hdGtb3GjmAfD61yvlNxdElQ&oe=6575F5CE
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ac6e513ea73e5c46385e523bdc35f294f90d1a4c737d9464418400653523797

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
gzip
x-fb-content-creation-ts
1702116743
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
x-fb-latest-segment-ts
5841483
alt-svc
h3=":443"; ma=86400
content-length
1590
x-fb-origin-hit
1
etag
93fcd6ad0f0fedf1de65bbeaf1a71d5b
vary
Origin, Origin
content-type
application/dash+xml
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=1
x-fb-edge-debug
qNdCV6cxU-3YBnFOhxtCvxYp90gvx6oXO7LV3bOZB5Mc0duyeryeJV8bPEaSHKV0JSX1oW-oVRsKwKjgTtzcc6P663E4vj44XEHT1gjfqk0wghzmwWlBtKv9Y2JpnfmV
accept-ranges
bytes
timing-allow-origin
*
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpS65,pingTime:1,time:2637,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1016,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1614~0,0~100%5D,as:%5B1614~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1015~100%5D,as:%5B1015~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:201,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:19,sis:426%7D&br=c
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpS65,pingTime:1,time:2637,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1016,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1614~0,0~100%5D,as:%5B1614~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1015~100%5D,as:%5B1015~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:201,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:19,sis:426%7D&br=c
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.facebook.com/video/unified_cvc/ Frame 1A93 		267 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/video/unified_cvc/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9fb58c6c9fdcdcf6714b210c657d5bb812a33cfe7573ff60ea5d7b61fb4774d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
BBCZTKmQCQuonA0XE7t6hZ
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
uUfjSycv+5q/GyupbNVpN2/bmDryqnXoe/s841ftOEUErdfHEgXYjXibyhd1xZ9VzNSHq8johuvzPS1g5+mY6w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ag-Kz-WMvnK.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1A93 		330 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ag-Kz-WMvnK.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
content-md5
eAFd0hA109+Saq2CKxwDiw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
330
reporting-endpoints
x-fb-debug
GxdUAOfEy1PfUoL3RuOqDa774LyuOTBOSQYHb51/huBvPiAU77dukEIPpHkj4o0h9Ca5DSchEsRr/xS/8+N5iA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Dec 2024 18:36:55 GMT
gDitvOzbw6T.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 1A93 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/gDitvOzbw6T.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
content-md5
Mgl5lSWRJJAq6dF2coyXXQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8119
reporting-endpoints
x-fb-debug
MiIESDksxEr+EA7iBRCrq/vskl5LHcxydYy+fLuLeFgpDZPpD6VSdxFJZ4TDgThhqv+LDxxmgAx89YAuVyYFQQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 18:33:16 GMT
SWhawEjeLCn.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 1A93 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/SWhawEjeLCn.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
content-md5
/zrKWNzqQF1I3EnT4Zj6CQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3327
reporting-endpoints
x-fb-debug
IBZXp7Jc9znas/NjePHIOpq60lAf8MqJ/ybFtD4q5qQoAcForrP6orMMJSMdfiv4rjFpJ8c5T6hGBSsQqxtGog==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Nov 2024 18:08:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9050 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN-QeOUle2ihaHFSA-zQzbaMFekqszdyPAaZKx1ebwzC0zc1XE0BUYXQ61LBawXXL2copFBKaQI0OSKEJvnrm7IamEKnkp5c4ZgFavTpF8i22JkAjjSgesD3SVqTeyOUULvuK9cdu60g&sai=AMfl-YRcC6n4zl9UysWKNt5uSHBOv6myXW-_zUxwUzfDwVDcu_R0weo&sig=Cg0ArKJSzMK0MyoOsW5fEAE&id=lidar2&mcvt=1032&p=378,799,478,1119&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116741069&rpt=1435&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 08BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=2178604751381128&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 255F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3F2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3953119324635&version=m202309260101&ct=77&x=1&cor=18194566404348152000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5613 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=124377300982&version=m202309260101&ct=77&x=1&cor=6560775373199426000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 255F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2Nfigw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 501B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:23 GMT
expires
Sun, 08 Dec 2024 10:12:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 501B 		908 B
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A9%E3%83%97%E5%8F%97%E3%83%BB1%E5%8F%AF%E4%B8%81%EF%BC%96%E5%93%81%E3%83%83%E2%88%92%E3%83%A7%E5%88%86%EF%BD%9E%E5%B7%9D%E5%86%85%E3%82%B0%E3%83%94%E3%82%B9%E5%A4%A7%E3%81%8F%E5%8F%96%E3%82%8A%E3%83%89%E3%82%B7%E5%AE%85%E7%9B%AE%E3%82%AB%E9%85%8D%E3%83%B3%E3%83%BC2%20%E5%8C%BA%E3%82%BB%E5%BA%97%E3%83%A8%E3%83%96%E8%88%97%E3%81%91%E9%96%8B%E4%BA%95%E6%99%82%EF%BC%91%E3%82%B6%E3%82%A4%E3%83%880%EF%BC%93%E7%94%BA
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3e20e19ee80c742a25830eb84209ca1eaa4d2ef3fc75e131ede23d89b633cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 10:12:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 10:12:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 501B 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
66139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 15:50:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 501B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
66273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 15:47:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 501B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 108C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

age
43104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 22:13:59 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 22:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 501B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
23466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 501B 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:43:33 GMT
x-content-type-options
nosniff
server
cafe
age
66530
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Sat, 09 Dec 2023 15:43:33 GMT
l
www.google.com/ads/measurement/ Frame 501B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-MDYN8Lr0vllmrLrR7H60W6iZmo03hcdDoqYeVnrrdBeZMbyznzIm4qOYZqIFHJZoxZnvpBLasTd3AH4z1L_s02BEaQ
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 501B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 10:12:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 501B 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 20:20:38 GMT
9216095162094444457
tpc.googlesyndication.com/simgad/ Frame 501B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9216095162094444457?w=100&h=100&tw=1&q=75
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:46:19 GMT
x-content-type-options
nosniff
age
350764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2592
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 03:39:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Dec 2024 08:46:19 GMT
truncated
/ Frame 501B 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 501B 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel
cm.g.doubleclick.net/ Frame 108C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGALEdzBSxrZAjaiT0m6BRI&google_cver=1&google_push=AXcoOmRAatgMzL5-SCE0mPSoMCy8EreWuZclpUzwV5BVQB5S1kiXzozwlWOyxJ1hAK53V6fbeXuS4yv...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRAatgMzL5-SCE0mPSoMCy8EreWuZclpUzwV5BVQB5S1kiXzozwlWOyxJ1hAK53V6fbeXuS4yvIdBfDF9phXdJBgBZRqwU40Q&google_hm=5eMS7LzyTOO502V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRAatgMzL5-SCE0mPSoMCy8EreWuZclpUzwV5BVQB5S1kiXzozwlWOyxJ1hAK53V6fbeXuS4yvIdBfDF9phXdJBgBZRqwU40Q&google_hm=5eMS7LzyTOO502Vi2ea9C6w
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRAatgMzL5-SCE0mPSoMCy8EreWuZclpUzwV5BVQB5S1kiXzozwlWOyxJ1hAK53V6fbeXuS4yvIdBfDF9phXdJBgBZRqwU40Q&google_hm=5eMS7LzyTOO502Vi2ea9C6w
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 108C
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESECxv_Ly0z5cGcr5yJ0OrNXM&google_cver=1&google_push=AXcoOmQIXxJbWMurMrJYDtmzSXGTIfFKdLZmpZTklEEIK14xMOkz8jQTDjZpuU1TwIx6c3JM7eS0b...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQIXxJbWMurMrJYDtmzSXGTIfFKdLZmpZTklEEIK14xMOkz8jQTDjZpuU1TwIx6c3JM7eS0bX0kLHd7XDZHSBnBXkX3ieOurg&google_hm=Q1hkM2x6MUxFTDBsU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQIXxJbWMurMrJYDtmzSXGTIfFKdLZmpZTklEEIK14xMOkz8jQTDjZpuU1TwIx6c3JM7eS0bX0kLHd7XDZHSBnBXkX3ieOurg&google_hm=Q1hkM2x6MUxFTDBsU3d1aGxPVGNwQnNRWUxZ&from_google=sp1
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:23 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQIXxJbWMurMrJYDtmzSXGTIfFKdLZmpZTklEEIK14xMOkz8jQTDjZpuU1TwIx6c3JM7eS0bX0kLHd7XDZHSBnBXkX3ieOurg&google_hm=Q1hkM2x6MUxFTDBsU3d1aGxPVGNwQnNRWUxZ&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 108C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJA5ZSJuh7YG2Fn_oIATK3U&google_cver=1&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIY...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJA5ZSJuh7YG2Fn_oIATK3U&google_cver=1&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08Hulgrax...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag&google_hm=sqUgHXqOSgClehAzm50yeA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag&google_hm=sqUgHXqOSgClehAzm50yeA==
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag&google_hm=sqUgHXqOSgClehAzm50yeA==
Date
Sat, 09 Dec 2023 10:12:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 108C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFkNowyMX3swvACiDVPQRCU&google_cver=1&google_push=AXcoOmQLVdEss1UcDNI3h34IyyLlnj7kxlyz-9ix2REUMlp2ML0z0WMEcg98DepqU5es_V6qEqUoCNQvp3PanKLSmYK1qQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQLVdEss1UcDNI3h34IyyLlnj7kxlyz-9ix2REUMlp2ML0z0WMEcg98DepqU5es_V6qEqUoCNQvp3PanKLSmYK1qQeYLqUf&google_hm=eS1ucGhGbE9sRTJwRnBBZD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQLVdEss1UcDNI3h34IyyLlnj7kxlyz-9ix2REUMlp2ML0z0WMEcg98DepqU5es_V6qEqUoCNQvp3PanKLSmYK1qQeYLqUf&google_hm=eS1ucGhGbE9sRTJwRnBBZDdYYnpWRGJhc0hVWkdlRlEyYX5B
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 10:12:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQLVdEss1UcDNI3h34IyyLlnj7kxlyz-9ix2REUMlp2ML0z0WMEcg98DepqU5es_V6qEqUoCNQvp3PanKLSmYK1qQeYLqUf&google_hm=eS1ucGhGbE9sRTJwRnBBZDdYYnpWRGJhc0hVWkdlRlEyYX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 108C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMo_8ZOKJiAv7qr_EGtojuU&google_cver=1&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG31...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMo_8ZOKJiAv7qr_EGtojuU&google_cver=1&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYwNTE0OTcxODA4NTMzODk2NQ&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYwNTE0OTcxODA4NTMzODk2NQ&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG31Alf-OmRErhYg-bp9MmGhLQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYwNTE0OTcxODA4NTMzODk2NQ&google_push=AXcoOmSctk7bEtlRBc5qfHHlMoNfBXGnu5Eg-HWmJCJvqc251jitpB7Me3I9kmXREZJgTXffP7YYTG31Alf-OmRErhYg-bp9MmGhLQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 108C
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEE1O7GQM5YjX0BrTURNnK5w&google_cver=1&google_push=AXcoOmQwvFvdGhrCJyF3od6e0QM79R-bdUUpd5MIDhyVcxM5vM-hKRy0-VgnehoW3Xz0-nKxS7uJzIy1LH_QcK4bpZHc_WHiqRcHXQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQwvFvdGhrCJyF3od6e0QM79R-bdUUpd5MIDhyVcxM5vM-hKRy0-VgnehoW3Xz0-nKxS7uJzIy1LH_QcK4bpZHc_WHiqRcHXQ&google_hm=M3pSQnhGRnV1d0ZVVk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQwvFvdGhrCJyF3od6e0QM79R-bdUUpd5MIDhyVcxM5vM-hKRy0-VgnehoW3Xz0-nKxS7uJzIy1LH_QcK4bpZHc_WHiqRcHXQ&google_hm=M3pSQnhGRnV1d0ZVVkN3ZUlxNzA=
Protocol
H3
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:24 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQwvFvdGhrCJyF3od6e0QM79R-bdUUpd5MIDhyVcxM5vM-hKRy0-VgnehoW3Xz0-nKxS7uJzIy1LH_QcK4bpZHc_WHiqRcHXQ&google_hm=M3pSQnhGRnV1d0ZVVkN3ZUlxNzA=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
rtb2-useast.e-volution.ai/ Frame 108C 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEBqA8QHTuBCT6-YzMGMNoR0&google_cver=1&google_push=AXcoOmTlDbAdzHM5sRVhP76XP8KmiPR2TrkSQda72UJ4Egd1ECZh24U3gKFNDawTr4642zDRO8ew4EMIKBfiabusU8dkv_U78uM5QlE
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:24 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 108C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyyQpJiQWD8l8m1Tcy3PPF1VtJH6u1_xEjG5N23llhc1ngq_yYKgwgnMWQsClCjJNnQrtWkQ
Requested by
Host: 78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
URL: https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 501B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8d97e0da707b0d1b0c9bff85de9716f001df1678a8bfca416022056d34cdd72

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQQXVhz10Zb2xEoSKid4P-9uDqAfh6KzIdMbE-uf0EWQQASDSzIEaYInzxYT0E6ABvNymmCjIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsgJP0N5F-51FRkn-IVEXhri4xo5GHIHAUdA4oTgu9BA-l058PmHh9Wbn5DzwQ8Z6yXpiu3GX_yst_lXE06YEXQKhmv329taOrP8f-awJPymGEuMSmoyJJ6ca60wjpYlomMVMpQO2C0c3FdnJGk4Hg8jEoc3z-TSrO20QxRoJ8glf50GG67u54DBkEjv8o9VAifsS1MvqsQMxiW45LB4A3Y9g1POS0KWt0S_Jm3n-LqWZTtpE6nBdlYI1pLbOb7J1u0B5yECaqgaHacNSM2NMF4PstolIaOFv-GS0muxyip2Fkngs0Y4rx93TNKCSFyqHWWq1P2GMCkJtWgbYBnt0E5o-JV-XRwjmRW_hzTIZ3tZEgf2z4srwMW2247vKwAuS5SU94qqNc7NUizuaoT-LQiQSzufABKzmzIPDBOAEAYgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDnzgPSCB0IgGEQARgdMgKKAjoCgEBIvf3BOlj17-X-joKDA5oJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKA8gLAZgM5Ln81twEogwUKhIKEOS0sQLutbECtbixAqy6sQLaDBEKCxDAuPyg-_LErsEBEgIBA-INEwjylub-joKDAxUERcIFHfvtAHW4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=ZQRuspLzih4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNRnQZtGik_WmR9C9D3t4TUHQJSbo8ZWDSl6iFlHx_oU4dPGxxEdv3cQlu7ub5mOAAzVf9xzEuGAE&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 10:12:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 501B
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CQQXVhz10Zb2xEoSKid4P-9uDqAfh6KzIdMbE-uf0EWQQASDSzIEaYInzxYT0E6ABvNymmCjIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsgJP0N5F-51FRkn-IVEXhri4xo5GHIHAUdA4...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41f21cd5fe7a41210000000000000000%22,%222%22:%220x1fc0a47e499d30890000000000000000%22,%223%22:%220xf6683e...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41f21cd5fe7a41210000000000000000%22,%222%22:%220x1fc0a47e499d30890000000000000000%22,%223%22:%220xf6683ecc5eb8c4a30000000000000000%22,%224%22:%220x69c09a709fa9ba740000000000000000%22,%225%22:%220x4db492ae812a8d420000000000000000%22},%22debug_key%22:%225221659659365310230%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210531050292938958817%22}&andc=true
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x41f21cd5fe7a41210000000000000000","2":"0x1fc0a47e499d30890000000000000000","3":"0xf6683ecc5eb8c4a30000000000000000","4":"0x69c09a709fa9ba740000000000000000","5":"0x4db492ae812a8d420000000000000000"},"debug_key":"5221659659365310230","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"10531050292938958817"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 10:12:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x41f21cd5fe7a41210000000000000000","2":"0x1fc0a47e499d30890000000000000000","3":"0xf6683ecc5eb8c4a30000000000000000","4":"0x69c09a709fa9ba740000000000000000","5":"0x4db492ae812a8d420000000000000000"},"debug_key":"5221659659365310230","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"10531050292938958817"}&andc=true
access-control-allow-origin
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
font
fonts.gstatic.com/l/ Frame 501B 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq_03dVttj3nEuDThQRVyTcOVF04CyFxy2uosXz3vatf9_DRWqPjROFPPKIiGmL1yYgzP1LLEpROQkkmJlx_v_AbchAv-cYwlqs0hIEwZ4exn-tgo5pn_hk--gJYlMzMbUfpZ4u5_WRPjdAnTkgb28HgoxlpsksCqOspbMLc9n-VYJ2nuYJugcPFA9ANFj5jigmsrEmu_CPzhfi_e2NGxq7GgEmXjH37k9HeqXlISXRbfKNPxvRxj0&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A9%E3%83%97%E5%8F%97%E3%83%BB1%E5%8F%AF%E4%B8%81%EF%BC%96%E5%93%81%E3%83%83%E2%88%92%E3%83%A7%E5%88%86%EF%BD%9E%E5%B7%9D%E5%86%85%E3%82%B0%E3%83%94%E3%82%B9%E5%A4%A7%E3%81%8F%E5%8F%96%E3%82%8A%E3%83%89%E3%82%B7%E5%AE%85%E7%9B%AE%E3%82%AB%E9%85%8D%E3%83%B3%E3%83%BC2%20%E5%8C%BA%E3%82%BB%E5%BA%97%E3%83%A8%E3%83%96%E8%88%97%E3%81%91%E9%96%8B%E4%BA%95%E6%99%82%EF%BC%91%E3%82%B6%E3%82%A4%E3%83%880%EF%BC%93%E7%94%BA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1633103c00381f73cb62fd2fa4f75a9f6d24b1a4ffcc13e3fef7788b23189026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23860
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 10 Dec 2023 10:12:23 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 0FF0 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 22:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
214147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 22:43:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41f21cd5fe7a41210000000000000000%22,%222%22:%220x1fc0a47e499d30890000000000000000%22,%223%22:%220xf6683ecc5eb8c4a30000000000000000%22,%224%22:%220x69c09a709fa9ba740000000000000000%22,%225%22:%220x4db492ae812a8d420000000000000000%22},%22debug_key%22:%225221659659365310230%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210531050292938958817%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 10:12:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
av
ad.holmesmind.com/adserver/ Frame A4EC 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=14210:107138:202675:52c5024e641a9bb0643f96f693474ad7:23000&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
326118906875223_0-init.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-lp-qd-v/ Frame 1A93 		657 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-lp-qd-v/326118906875223_0-init.m4v?ms=m_CL&ccb=2-4&sc_t=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91524c70ede9562d1bd8976201f4f2fd6b24d2c4844f4f7d0d862e1c5a685f81

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
1
alt-svc
h3=":443"; ma=86400
content-length
657
x-fb-origin-hit
1
etag
dafa03c4322ee93b9877156294613134
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
3
x-fb-video-livetrace-parentsource
CDN:elb:H:iad3c02:dash-lp-qd:7389
326118906875223_0-init.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-lp-pst-a/ Frame 1A93 		596 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-lp-pst-a/326118906875223_0-init.m4a?ms=m_CL&ccb=2-4&sc_t=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b429486bdd6630fb3fdfa332e7919855881da3a3b2a51d62eaa1ced0862bfb5b

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
1
alt-svc
h3=":443"; ma=86400
content-length
596
x-fb-origin-hit
1
etag
52c1f97c21907e522dbb150d78184338
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
3
x-fb-video-livetrace-parentsource
CDN:elb:H:iad3c02:dash-lp-pst:7399
326118906875223_0-2788.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		30 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2788.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ac9bb6389f0e34f19e36ba8176214ed407b571a4e25d9a9eb8b6ceab4727359

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
30305
x-fb-first-keyframe-offset
359
x-fb-origin-hit
1
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
23
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:4290
326118906875223_0-2788.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2788.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37ccfb30991194358f751ec4fd4671b6ab5461a4ac4ccc62d6fde6ce3f788da2

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18874
x-fb-first-keyframe-offset
162
x-fb-origin-hit
1
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
24
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:4293
hEMKKmOYzQt.js
static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/ Frame 1A93 		278 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/hEMKKmOYzQt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
l/edax+DGCft42NvWht7yA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
63759
reporting-endpoints
x-fb-debug
1JSPOzEfuiWqeFW4JVIbYhFwz00DostQU8tPQhNoF/MkTmLMlBfyqK1+CQxPbtm/X9WpO6I38x3TD14sWdxm+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Fri, 06 Dec 2024 21:31:42 GMT
n_-qBIIk9pY.js
static.xx.fbcdn.net/rsrc.php/v3i3qK4/y9/l/en_US/ Frame 1A93 		3 MB
535 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i3qK4/y9/l/en_US/n_-qBIIk9pY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
373cff4a5be14637fbe35895c47e016b43fe37c32a6d704cd59da533185c6bb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
u25TYieIphl1mCe9Uae9hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
547393
reporting-endpoints
x-fb-debug
BReTTsl+eqCRJx94C/VX4YeiIOTXhxok3qbr9flYfhaF9fqQ/3JQ6VieYjuwiWj1LACwln44i5tCRSWFq3qy3w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sun, 08 Dec 2024 02:15:41 GMT
gnVnXHSGQH6.js
static.xx.fbcdn.net/rsrc.php/v3inoo4/yD/l/en_US/ Frame 1A93 		336 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3inoo4/yD/l/en_US/gnVnXHSGQH6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68b6eb9c48e3b113a3d1872ef75032d9f7f9771d9d2617bf058d7bc2f5070831
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RERFNWoDwhrE9psu3Nx99A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80800
reporting-endpoints
x-fb-debug
eblAStu4Jc2BOktRnSbtey9BXCAxpm0tgPOHyhjs/bwOUIVG900f2jQ1F+Qr2UZOPBX6hAV9oST3h+Jl8O1q8w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sat, 07 Dec 2024 21:02:50 GMT
Cf8jcTzOUp9.js
static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/ Frame 1A93 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/Cf8jcTzOUp9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wu8OzYuRZpaUCFL3HzI4JQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6798
reporting-endpoints
x-fb-debug
hkgBEdla2Qlnx3zAkaqNCqIf0J0E8IJQ5qNhLOsFLQBbesjCPm5B/ysKUcJHu0mH9rrwYsZFonje49Jn6Ap5xw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Nov 2024 23:51:42 GMT
F4j9B2xJ1Ib.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 1A93 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/gOrTztJymIBgB0hri867Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1208
reporting-endpoints
x-fb-debug
l6rBK5YqtAUDnSaG5JTjegirVvk8buCEbP2ZfC6O7IaOvqzQk/j52kr3Ncjmmr4kR4j9yNfE4t+imKRMrz1+cw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Fri, 06 Dec 2024 03:49:49 GMT
9dN_FA4mMHO.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/ Frame 1A93 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
m6Kjybcr8DtynOk5chZEYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2768
reporting-endpoints
x-fb-debug
VNzuYkKfMSHoOqnyAQMwRL+rk8NO8Mr4wzGtPblnntKYGWvyVZP0yT020Wa2CPkR1y/hSBAqylyOzLMVzFVYSQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 05 Dec 2024 18:28:16 GMT
LkMD_RZF8jy.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 1A93 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/LkMD_RZF8jy.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6871de12df8d1d3da3dff8d6370933ba3630a6e9ce19bf93eca651967a221c42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rQ6y8Q+a67+IAU26MAyLYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5322
reporting-endpoints
x-fb-debug
Lz8dI/kVLucHVtbPFhCMiW3qkkYVGTLn5VCAtSlonvN+suCFDTQhukzjiY+JzDThE2qXebx/miyjayiTmpDlCA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Sat, 07 Dec 2024 17:52:03 GMT
RBd9zOUieH7.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame 1A93 		47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/RBd9zOUieH7.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QDW3Rfz0SFYiygPDvO4N+w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10209
reporting-endpoints
x-fb-debug
CUZwAMgPJ9PHLYWMQ79rqh4M8phkoMs356PJ1ipP2jYoMbe/bLg9sIwXUgaq9dshRm+oAxhBpGez2pedgNyCUw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Fri, 06 Dec 2024 20:11:07 GMT
/
www.facebook.com/ajax/bootloader-endpoint/ Frame 1A93 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__req=2&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010319003&__s=%3A%3Acvsr5e&__hsi=7310535746925145667&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__csr=&locale=en_US&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25089c2094ecc4602d7a990a25c0fabe8db11d117ee9fd8c3f24080d8a0b67ff
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sat, 09 Dec 2023 10:12:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
sjZiSjB+qBbDObZsW2OYFuPItCGnbZfbsfELYD8rLcCPifQtb8aTaHXK3q27zqtXZvDUzAVJXwbyJttTxG3/lQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/video/unified_cvc/ Frame 1A93 		267 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/video/unified_cvc/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3f34d53782b37ff0c212cc42915f4fa80b265e4798c147842e92fa1bfe1c4f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
BBCZTKmQCQuonA0XE7t6hZ
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
7u9cRx2jwY2beB0J6dHfP8Ou/tomevOCxWDeVXCNs9zKuRbLheFMi8bVuyZKYkbRnC4P7EAmf5thQQhNNFXTqg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2251 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=2178604751381128&bg=!FRalFlnNAAY3kmNgF5I7ADQBe5WfOLmdl9YifCUQYkrAE4x8s_-rWU_aDGq-sKXwBYtR77DBWeEG3V89ovmPNaU_KFtkAgAAAGlSAAAABGgBBwoAarnfc4tXE5_y0TlY_U0xC1ZFSqZqbxQFDJQodTn5KJp0GreqRezXRr2MnbwQoTgiZfhMVAMyMPo_EOxUBD0_tKa7IMGqzI-DNHJJLtv1yjQ8dRN50x8DqWrv3DfC9mNaO4nP-8R8O6bBe2uZAxltwkPBRyQIv0KFr_1gHGjDLQhymfYW0jaZCjDhDMzjkM7yRf22Iig6xEyjoWiFUjY1m-NafnIbqsVpQDWvqlCiZ946UxvrGJg7mwuMYYFgcOFcf50XsBdOHtjsRRTzOleYwfTYTC3HVcSyeM1qDFioUC1CNI6SGoOjlumlW847xWYSkF7HdXxE8EAd2_zTbv_kKgGKtp22dxZaVbkqqtEJoxvruxD_ojaxaTr-vUiV6DPWPdpCek0lAD4ks8wL_EJeBCHnX1IFdVVGchqPzZrB1yF3HT7huwttIbq4JmCwwry3mk3pOQrQ4SHILioNNnSrwXLiuscKzBoeGkW7um0GXZ5_FnvjFAaI6qcbSlAz_UNDx02TmOY8ReytjnEl2HGUXjy2S9FTmSK2vOb0i_UYx7pUtcXzhalKvE5qPd3K3z8qbr-6f9lC7lF4wnDAfBN8NTTc4Cla56QwfOEfxhqKRQ2FVpicfNnxYYDsaK5I5JzKyDTdx2gdAyfGJALPv8IcVsTTtyTzjkGsOxaPS1lFoam2FW2EwzGxFna-WHcYrNWBV8hC2LRndOL62nbC8yFzW-z7tOaUVYG0z_oS-pDkzWbGE7FdSPNei1K3cgybiYC1U2ujF2EhaOftMzWZXSErZtBV2ifVRRgPatK-sWo7K_xpyJQQyAYqZuu7YnqzEQxI-xmBDPiIG9aIEjZbFX0F0TPwZOYF1p1IDxkuMhOWz5MkxD9HWTOTGVKI1EzJt5TUZ7AChTzv_KZ8Q38h3-npTDcOT3rwgH03kWRNXDQgKk8zdQAbiKacv6Vkc9_fGIpuiOrk_CkPBIscnUNCAfMtpNf1dxVecyqK_nrNJ57C-gScYEiuiODIhD4bMnf27fiBYKoKNY2xEtMT_1LzU_aHBUUwpUR4zmleC_Zpi8T2ZnnfqtrrsP-GpNHNKORfh0mLabHBMIWiK7vwLoMm5jzXHVQYbj-VxV0-tn3xDdyX-YeV4es08458Ifs1fO0BnInwzG7GZfmWKuhLfBsdAjcxU1to4NqegXDqvrlkoKnoaORML4vb0K7-
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
0L5gppRlswe.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 1A93 		404 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/0L5gppRlswe.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options
nosniff
content-md5
bDizLuK+pYt04fjxlQ20xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
404
reporting-endpoints
x-fb-debug
lI37fDBArD1cUUMQhIQUdGj+AOBonGqaVXidDfXlOlEzdvyiH86nlJhpOvGJq5O0DE0oU7qB+8yPYwYGl9nN3A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Dec 2024 18:33:24 GMT
bz
www.facebook.com/ajax/ Frame 1A93 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310535746925145667&__req=4&__rev=1010319003&__s=%3A%3Acvsr5e&__sp=1&__user=0&dpr=1&jazoest=21813&locale=en_US&lsd=BBCZTKmQCQuonA0XE7t6hZ
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryGjdt6blRMWRvPGcS

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
dreYjt5a1aGODRkKmFFGcxehWG9vR5cqRW31V7WG1jFeqbUPPKVX5g9cpK0/lVtBJ+GBwKWGOt9R+jXXR9SLsg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary
Origin
content-type
text/html; charset="utf-8"
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D602 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk-H54dZFQyiEKQjfYPdPNqLb1wjLGAMd7o9enN00HJtXKBq3NDq74aGLBRhAwfJXi-lEkbOwd9kx36FAxmf8VvIakKkghe3ZxOwzswQ-oasM6TxpHIQocMHtoA9cFdDcvlf71axR6_SIIofJ0x8ShrAqOP8eRTjjWQH14uFEkez5hGELeAZ87SkcQnc9c9ecJP6e-nbxfP6chUQ4jeQAqr016n4mhudPmLW5Y28xMWsYTIrJ-IrbOBFo2LsrJ7pvtxkSMU2frD6Y5WyvR0oHm75bZuAOL89FDCYdf4kKaqpTt1iA_K-ms5bxQhflU4TxKE5jPh-oXNFHuwBZjfGlF2xSdy88oGYdc8Ph0QR64EILwYIMuog82nAxo6Ykt4sU&sai=AMfl-YQqqilF4mvt7gwuLIyVNmUbyZczB6pKXxOWWKPRdH3-RHRcTCvY4v8Iq_0xQ1RKyY08mr1Ke92dkMdQfscbSGel_c1nNkgpr1mTevCeFP7PDKH0rfj-adcrvwb7kYFSwD_lEZRltWV7oKXuMK5mD62U43ZGoX6IZOU47w&sig=Cg0ArKJSzDwHpl2p_0iPEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 10:12:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae810551cd4bf2ddc48da91d05f75990b403af9d32a1387ddf29f6c0caa90460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12205
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 806D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:24 GMT
server
Kestrel
server-processing-duration-in-ticks
972092
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:12:24 GMT
326118906875223_0-2789.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		31 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2789.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ded932134f2104d9a06ff4f750e5ae1f6a365a4d98a88f7c5d3f8a392086f14c

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
31458
x-fb-ull-ssbwe-v3
conservative:59859;mean:59859;aggressive:67144
x-fb-first-keyframe-offset
992
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:56744;conservative_median:56744;aggressive:67144
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
23
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:4809
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D488 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
20495
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E3C 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
437c5b6049506611b09a916f92298f70431ffaffbdfebe675123401b0218b065
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IW9EAcdE7__OyC4LARgXYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IW9EAcdE7__OyC4LARgXYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 10:12:24 GMT
expires
Sat, 09 Dec 2023 10:12:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
326118906875223_0-2789.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2789.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
512007d94acd5b646c4b261cc0deb980be8902d6b4bb5f8a9a6b91fb2a58bfb4

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18350
x-fb-ull-ssbwe-v3
conservative:59859;mean:59859;aggressive:67144
x-fb-first-keyframe-offset
162
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:56744;conservative_median:56744;aggressive:67144
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
27
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:4893
sid
mug.criteo.com/ Frame 806D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=uEUWuF9JTXF3JTJGODBmRkJzVWZINXFocWx1NXowQTZWM1dYcnhZSFBrWWZVVlJxQTlzZUVUVUFxUFJxUz...
  • https://mug.criteo.com/sid?cpp=WMlJfnxJa05TWWI4ejYrbGE5WTZVZmUvZ2p5LzcybDErcms0OW84K1lsdGhua2c3RU5EU28xT2lEVTE0ejVkL0VHMDBJbjRVNzJqUnJsK2ZUcHpHMHJKclQxRWRpSTdvZlptaFdCS0tTdEllYW1sMlNRRytwSnlpVXRxbE...
422 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WMlJfnxJa05TWWI4ejYrbGE5WTZVZmUvZ2p5LzcybDErcms0OW84K1lsdGhua2c3RU5EU28xT2lEVTE0ejVkL0VHMDBJbjRVNzJqUnJsK2ZUcHpHMHJKclQxRWRpSTdvZlptaFdCS0tTdEllYW1sMlNRRytwSnlpVXRxbEZzZ25hVmQ1NmZDSS94N08rRjQwZmZQTlZZVWRCanQzYVVTQlNsZ1F5Q3ZYcXU3aUltd0wwNFdTdnRFdFpaOGdGQk5RRmxJaHFxb05naUNRTVVUN0d3L0JQTGw4YUNpbytDQWdKZ2k3UlRKdnJlUkFwcFBXb2dzVUZJT1p0OEZjamdUb2hEK1loVWpIQkxVNWN5U1lGaXNMR2sxcnhHUDdYWWdZbmdSZDkrK1Z6SnR4VUo1az18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
845f4b9447a86b51e3f620693907f7539986aa4cbe0072112e1118729f467a69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
789583
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=WMlJfnxJa05TWWI4ejYrbGE5WTZVZmUvZ2p5LzcybDErcms0OW84K1lsdGhua2c3RU5EU28xT2lEVTE0ejVkL0VHMDBJbjRVNzJqUnJsK2ZUcHpHMHJKclQxRWRpSTdvZlptaFdCS0tTdEllYW1sMlNRRytwSnlpVXRxbEZzZ25hVmQ1NmZDSS94N08rRjQwZmZQTlZZVWRCanQzYVVTQlNsZ1F5Q3ZYcXU3aUltd0wwNFdTdnRFdFpaOGdGQk5RRmxJaHFxb05naUNRTVVUN0d3L0JQTGw4YUNpbytDQWdKZ2k3UlRKdnJlUkFwcFBXb2dzVUZJT1p0OEZjamdUb2hEK1loVWpIQkxVNWN5U1lGaXNMR2sxcnhHUDdYWWdZbmdSZDkrK1Z6SnR4VUo1az18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
383551
content-length
0
expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D488 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
296093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=176372759853315&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D488 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?x5GKkQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 501B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1tALcJz-drszIoy3T8TNFTM8pl0wsi3ocMMxMiDKgBg2a4vMe1mmEdqWk_mgDKdJWaBHP-xOn7iGON1IAerm55BtHDhZu5SU28pYNLwKKiAFjqUYD0jKRrykCHdd2TSIzyPs6HARgLGHAMrP8jIFs-qn6cbsDSLWl3NofTOkrWebUbXYeMNXIWzDkLsQeMgTFfauYFxJ32AgykLR3Z_jIM_qr0wtH_1Ein_NKjQwSBLH0NoB4cPCF_wiwV-n2O_woR9J1-S-Ayh4c_REJLMR2VHQ2RSTiqn7RzF_BsdRm9k_GthJ2QUzpOtL_T8WENu5DwRznFSrWOY4Ty1yba9V9HJrggKSB8ci0olQm3uNUcMfoxo5m8aN6rsoY2KjGjaaKX9CVvEy7P72bECbm5tIDYE0Px9eODwEABoJBPMNlJFRnOw6DtYtyZmDAy9zz0moyntI_uhnK9Q--axApbOBtz8JutJQssmA4JkNQaj4IBYRbzXC0Q0c3iIiFy9Tw5lZCw2Dx92hJ2QVIhjuAsOZ5l-2XrnuR1isH8pxniSi_YqSHfGrwxhmEERfwRyKxhTgB3w6I2u4A5i7phA66uG2h1DrUfZrR_VcUTfiTIRNjrs76z-UWW2J2D3Hdk7fJSm5Lwj_VC_i6r4Ne933QMaszLuG0O1Ce-0_CJNrPeErWk9Zzuq_Ur86eKDPKxLCtTv6mYlhOBz2aYaQ7DoLbOpH0WZMKmYKDsNIthM6_mRssxb21RoluSTY0zla8y7a03ggCCcttOHzJaVeqlHSeQnqZV-4i7KxX6We7KD4I138d2Pgm948GwcNJDlH5btXhHxZy6BTXMDbVbumKldO0tzyZFmvezVgsbN8-6dKK8EOYMH-d8s1bxyDPtw4sD5lkycAX41LZFUvB-PylPf6A1QmFDM47qks4flnTMUtHquItb3ngU3d938mbd9cbh2mPrgC_bSLSJK9VrHn7rLvDeJdBUPXloJWXVMsmshSP_ftyaynzuGjKxcBAti-fy6CO5N2-DHzhFYuXVHFAqQEuyeuVL7H1g-YA3WwelJYn9S2jnD8c6s3Ss-0lVLurX-QR6BP2KLtDYB6LrwNXwwVWOAhixUhKmeeOvT5Jkr2bW9KD2-G1qpZ5WFdJVy7p7iPWn1KSADqZBMskies-YH5Q32CEzZ1ElYeFUxoynMXuR0iDZBBRa0x2MMJgnd4klwXZ8uzqFPhD8cVVNkm3sF6HxpHKwgnkTr3u7hWos_Rhdm1MhuLacmZWYdBbxCuB8aKT-NFbhqqAa0YwmHNaXxRFrkrwRNwmgslSEQmfEr4kKewQl3T_aOhgnw3IjHtcRCIr05iJv2Mo1clDBdS3jQfFvF5efwUHsSGjsie1JTN9yWm50AiZUWUpl5k8zxxu5zZEvhmNjmaURTw8dauNdKaNNTqmuN0J3DTrpnWFnNxVE6qrBGpf67iE24Ma3QeuSLMyBLcUQKzRip4-DgF1M81mwB7Oemeu2ksYL5yTN8V8tsQrQxrIqqMY-pJavd8CESduosVQqbO4ZQ9BuuCGx-Fos0s&sai=AMfl-YRGfOX4NR6Mt7Xai6440U9Y_w4XnzwUar90gLwKaPjync_YFKvELmxF_2W8pDcLip4fskNwCSQ8dUYzprWP56rkBDXhbA9T22N6FlOoMd-WuwUZRHStYXuYJ2kYkLZAcR-FC1YIyo0DXsH-JiAbYXbiTSM&sig=Cg0ArKJSzEpCMqMtgJ42EAE&cid=CAQSOwDICaaNRnQZtGik_WmR9C9D3t4TUHQJSbo8ZWDSl6iFlHx_oU4dPGxxEdv3cQlu7ub5mOAAzVf9xzEuGAE&id=lidar2&mcvt=1000&p=358,640,458,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1212019568&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116743694&rpt=150&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
326118906875223_0-2790.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2790.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e020872e332c740930142fd3f09564f8917bd62257445d61eb46ed974d961f2d

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:25 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:807720;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:807720
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18123
x-fb-ull-ssbwe-v3
conservative:696304;mean:696304;aggressive:1563736
x-fb-first-keyframe-offset
160
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:524640;conservative_median:524640;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:605790;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
22
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:5261
326118906875223.mpd
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/ Frame 1A93 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCvASmJrO9ijllhjccNbu4hdGtb3GjmAfD61yvlNxdElQ&oe=6575F5CE
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ac6e513ea73e5c46385e523bdc35f294f90d1a4c737d9464418400653523797

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:25 GMT
content-encoding
gzip
x-fb-content-creation-ts
1702116743
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
1
x-fb-latest-segment-ts
5841483
alt-svc
h3=":443"; ma=86400
content-length
1590
x-fb-origin-hit
1
etag
93fcd6ad0f0fedf1de65bbeaf1a71d5b
vary
Origin, Origin
content-type
application/dash+xml
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=1
accept-ranges
bytes
timing-allow-origin
*
priority
u=1,i
326118906875223_0-2791.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2791.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12718ad584b8d0f53398c1cabf7ad5219908cd9286eaf4f47e11128a98dba658

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:25 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:807720;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:807720
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18870
x-fb-ull-ssbwe-v3
conservative:574372;mean:574372;aggressive:1563736
x-fb-first-keyframe-offset
167
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:409512;conservative_median:409512;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:605790;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
35
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:5559
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=176372759853315&bg=!T0ylTAPNAAY3kmNgF5I7ADQBe5WfOD55U6OnAytGNGAvjVMgyxriq3EoX3gYC1FIxPZNb7aM37Ig9Z60WKDu-iLb36FfAgAAAElSAAAAOWgBB5kC4Ny-8ZQWfX6SDyXL6pDq_X4O1JtdNmXNXmJ_5AJb9f3UWc9xqyE_63RX7k2h3gxkFd_gPIFBwh_Tqi9HmJMOaqlgTsX63xnMajEJkR5UwDa-jxHxZYT-CWXxdeHF3StpU_fnz3c0BCYXgfSt2NouhpeJSV69hXiCPOC4xF2CxB8I51sz0_8ZNT4N3Op0Gd82cVT9HgUEu35_VY1H6PG6b6UADx2ENDsGe1xbYEHJECtb3a_HYYI80WYsuRsKwldh4AmcxxoItw7sRvIbNNRQN4N-sS7j06VpvA8lEyHM5OyZ76KnZsnhdSGRa8OoYXZ5k2gKa2v8VTP-VAC3uGo6ryInRYtcKEzUvV6ZB1eFdSd4yfkLOhTNDM80U-HIHxxSoNHv3GeRFuAPvzyDYTczvTZD_kZE_oNlTiGNPWLDVrlgfMhMxxbN2hUqIe6Bo3cN58ayvELzIBB7FY5gYaRraMajRquoYKQb-RdorDBKBlYzcLZzSrA7nEJUdSXjOKdYx7TcNgArwngLvN-d3LX8mkz3Subc4Nd_CiM6RlA9dABJVd-uYQUnWUEr3lSYfshOdAP4qAK-F4ephzBPkgypDaLejlwge6cs7NsXpvfsQfiHuI8vE8UCs1W119ovNsc7mzJwD7HUnlPFUzrMz5tbPwIda3XU-pGPsEAIU1d3-yv1reAHp1iQhx9_q3mgCAd3sPdIekP6C4s5xNOW5Vw1f3Gb71lIrS6zd2m-NBXLkmmd85rl3txpAnpxITiXqogy19muxgt_W9C88Ucgz-SAXWZldUs_gjr--68ls__Yyop5GyS2oBm20yQ9GULkb3hROMn5K8s5DBsYxL1SCIfuSwmcCu4k9-93qKj5Kq82dRI-dJIHStYHVqGdEo5yxPNkd-Mup4YLLp-VWAY8eb4_SOP8bAWWhbAEipbqUcOJsKKWN5Ve39ZXM2BIh6BJ-KPWCbuuXAv0D8M9yQFrhIk1LS0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D602 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuungXfFQ53buxipCXN2Utu1V5FvQd7rTS2homW2irA_4KCi03JBNpa5hquUM4cQCgJaOezUMfWTXUD3_cS4raKtFd8AxINTQGbbINxLlPRtAQN5cmDfx5o8NAryI0GodW7IO9qOZjuGQ&sai=AMfl-YRKYxuNtioO0ofc4x7DQXlyBRAy7m_OBf4APy0sOZr0FSZA32U&sig=Cg0ArKJSzFnkJ8MWO9VrEAE&id=lidar2&mcvt=1000&p=108,625,362,925&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116741060&rpt=3508&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702116739890&gcd=11l1l1l1l1&dma=0&cid=412506686.1702116740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702116740&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=5994
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-ae1.doubleverify.com/ Frame 08E0 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=5d0f225ed77740c9ba3f29ebcf361332&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=334&eoid=17&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=5&vltms=334&sei=289&vetms=4&tuviims=188&tuviems=526&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2451&ismms=30&isumms=29&nvr=6&isgmmims=30&isgmv4mims=30&elmtp=6&isbxdms=2430&b0=100&b11=2474&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2574&sftb=2574&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1031&isuiabvms=1031&isgmpims=139&isgmv4dpims=1031&ispmxpms=1031&engalms=29&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3348
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:25 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-12-08T10:12:25
event.png
tpsc-ae1.doubleverify.com/ Frame AA2F 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=657687f55b8f4225a8e35e5dd433b93d&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=460&eoid=17&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=6&vltms=460&sei=289&vetms=8&tuviims=154&tuviems=622&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2602&ismms=52&isumms=51&nvr=6&isgmmims=52&isgmv4mims=52&elmtp=6&isbxdms=2552&b0=100&b11=2638&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2738&sftb=2738&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1052&isuiabvms=1052&isgmpims=266&isgmv4dpims=1052&ispmxpms=1052&engalms=50&dvp_dpr=1&vstsz=735&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3500
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
Pragma
no-cache
Date
Sat, 09 Dec 2023 10:12:25 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-12-08T10:12:25
326118906875223_0-2792.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2792.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c10ceaf0f11c314d2de11e215aad1739e861676a38f93643f142a2f9644228d2

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:25 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:807720;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:807720
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18893
x-fb-ull-ssbwe-v3
conservative:498917;mean:498917;aggressive:1563736
x-fb-first-keyframe-offset
157
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:352000;conservative_median:352000;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:605790;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
29
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:5804
bz
www.facebook.com/ajax/ Frame 1A93 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310535746925145667&__req=5&__rev=1010319003&__s=%3A%3Acvsr5e&__sp=1&__user=0&dpr=1&jazoest=21813&locale=en_US&lsd=BBCZTKmQCQuonA0XE7t6hZ
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryMJxL9DNZh5T5DIVl

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
QK8JyCNrc4JVklR/pA6Hcy0DIO1rg8p4rypd1yq23cNSaHSsLyDlGoW6utDDb6vf8bcqFLFP15nKYT3+HVBYRQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary
Origin
content-type
text/html; charset="utf-8"
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
326118906875223_0-2793.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2793.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d8e5707f61f87a2b7f6f47d0c80447272931698c0a7301d387e52162499b6bb

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:807720;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:807720
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18829
x-fb-ull-ssbwe-v3
conservative:480412;mean:480412;aggressive:1563736
x-fb-first-keyframe-offset
166
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:349072;conservative_median:349072;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:605790;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
24
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:6042
326118906875223_0-2790.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		32 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2790.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1bcbcd0462c2709611deeeaa97bae378a3e951a6135e98b1c5e41d6661c574a9

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:807720;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:807720
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
32993
x-fb-ull-ssbwe-v3
conservative:462714;mean:462714;aggressive:1563736
x-fb-first-keyframe-offset
475
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:349072;conservative_median:349072;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:605790;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
27
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:6257
326118906875223_0-2794.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2794.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3676c75714b0e943982021629ad0962a6a822eeb2e907c8ae97b44f2e7d51619

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:807720;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:807720
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18780
x-fb-ull-ssbwe-v3
conservative:465474;mean:465474;aggressive:1563736
x-fb-first-keyframe-offset
163
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:349072;conservative_median:349072;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:605790;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
28
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:6297
326118906875223_0-2791.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		34 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2791.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40f4b7485993353e029f85c2589e80079b7a815514598320bd688452185ccc32

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:25592312;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:25592312
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
34429
x-fb-ull-ssbwe-v3
conservative:529162;mean:529162;aggressive:1563736
x-fb-first-keyframe-offset
817
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:408496;conservative_median:408496;aggressive:1563736
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:19194234;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
26
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:6512
326118906875223.mpd
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/ Frame 1A93 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCvASmJrO9ijllhjccNbu4hdGtb3GjmAfD61yvlNxdElQ&oe=6575F5CE
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0abbd4af67913b6acfa6a8c5de99539f2a8919cc47601d8e057e8de541c4420e

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
content-encoding
gzip
x-fb-content-creation-ts
1702116745
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
x-fb-latest-segment-ts
5843661
alt-svc
h3=":443"; ma=86400
content-length
1590
x-fb-origin-hit
1
etag
654c46b15024821892d46fbf3eec2853
vary
Origin, Origin
content-type
application/dash+xml
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=1
x-fb-edge-debug
kesd942vqcV7yyC69mDbcSHnUZ1y2d5UV4DnHYmYLFP0MLUSRnnD5SdfEMHuJXvDWMoTMTpodF5bdTF78CLnsTsCHJ6iD2Lu0GMSXyNzJW8D0TT7ny3mbTazzeYkHyel
accept-ranges
bytes
timing-allow-origin
*
priority
u=1,i
326118906875223_0-2795.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2795.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f20464bcc65e39c5219d72ad575732d510fe863ba2b3d21b0a489e36a753eb4

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:25592312;p75:112221488
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:25592312
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18804
x-fb-ull-ssbwe-v3
conservative:564131;mean:564131;aggressive:1724560
x-fb-first-keyframe-offset
163
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:409512;conservative_median:409512;aggressive:1724560
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:19194234;p75:112221488
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
25
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:6543
326118906875223_0-2792.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		34 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2792.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5132ab11e6b9743c546a27d0e42d2548b2c39992cf0e7f57802d700e79139a0

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:25592312;p75:98787728
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:25592312
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
35046
x-fb-ull-ssbwe-v3
conservative:615205;mean:615205;aggressive:1724560
x-fb-first-keyframe-offset
165
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:467120;conservative_median:467120;aggressive:1724560
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:19194234;p75:98787728
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
25
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:6767
326118906875223_0-2796.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		19 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2796.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1227da1f30cd91bcc03d92d6f63df9ed1752ca2fad652f7df206e55dd6f41c8e

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:26 GMT
x-fb-ull-ssbwe-v4
p25:807720;p50:25592312;p75:98787728
x-fb-ull-ssbwe-v4alt
p25:807720;p25bis:807720;p50:25592312
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18945
x-fb-ull-ssbwe-v3
conservative:630678;mean:630678;aggressive:1822072
x-fb-first-keyframe-offset
191
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:467120;conservative_median:467120;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:605790;p50:19194234;p75:98787728
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
25
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:6793
326118906875223_0-2793.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		26 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2793.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2d26787c163c76904362956f1632d950111421b5799dd19bd99e5d29b418158

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
x-fb-ull-ssbwe-v4
p25:25592312;p50:25638496;p75:98787728
x-fb-ull-ssbwe-v4alt
p25:25592312;p25bis:25592312;p50:25638496
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
26980
x-fb-ull-ssbwe-v3
conservative:676244;mean:676244;aggressive:1822072
x-fb-first-keyframe-offset
88
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:543296;conservative_median:543296;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:19194234;p50:19228872;p75:98787728
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
24
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:7018
326118906875223_0-2797.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2797.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f62ef0ed589ecb35e040a0e768da9c712dddd1354f93de734af2169936b3beef

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
x-fb-ull-ssbwe-v4
p25:25592312;p50:25638496;p75:98787728
x-fb-ull-ssbwe-v4alt
p25:25592312;p25bis:25592312;p50:25638496
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
18112
x-fb-ull-ssbwe-v3
conservative:676244;mean:676244;aggressive:1822072
x-fb-first-keyframe-offset
171
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:543296;conservative_median:543296;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:19194234;p50:19228872;p75:98787728
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
24
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:7043
326118906875223_0-2794.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		37 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2794.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c90cf0682d3034d3a1f4ee5c3ab2cf248a274531b0d714011412c6d221aa042

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:25592312;p75:98787728
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:25592312
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
37930
x-fb-ull-ssbwe-v3
conservative:691587;mean:691587;aggressive:1822072
x-fb-first-keyframe-offset
894
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:554984;conservative_median:554984;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:19194234;p75:98787728
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
23
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:7273
326118906875223_0-2798.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		19 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2798.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9701f3aa828bf62b68fe6a791d7deb8a2139bb11fbb8d052b8ac902ff2648b5b

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:25592312;p75:98787728
x-fb-dynamic-latest-segment-id
2797
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:25592312
x-fb-dynamic-predictive-response-chunk-size
4470
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
x-fb-ull-ssbwe-v3
conservative:691587;mean:691587;aggressive:1822072
x-fb-first-keyframe-offset
169
x-fb-origin-hit
0
x-fb-ull-ssbwe-v3alt
conservative:554984;conservative_median:554984;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:19194234;p75:98787728
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
25
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:7288
326118906875223_0-2795.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		37 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2795.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
318af6bdb38737c8f197d65bc1dff6908dee45fbb562a84247f28e82a43fd7ea

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
x-fb-ull-ssbwe-v4
p25:10622320;p50:25592312;p75:28674064
x-fb-ull-ssbwe-v4alt
p25:10622320;p25bis:10622320;p50:25592312
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
37875
x-fb-ull-ssbwe-v3
conservative:717011;mean:717011;aggressive:1822072
x-fb-first-keyframe-offset
370
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:622768;conservative_median:622768;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:7966740;p50:19194234;p75:28674064
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
23
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:7531
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpT8m,pingTime:5,time:6622,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1614~0,0~100%5D,as:%5B1614~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:19,sis:426%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:27 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 036A 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=9e0b2962-b786-8029-cd83-7dd05f5ef6a5&tv=%7Bc:wkpT8m,pingTime:5,time:6622,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:100,vs:i,r:,t:1621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:1621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1614~0,0~100%5D,as:%5B1614~300.250%5D%7D%7D,%7Bsl:i,t:1621,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tXW4nGk+11%7C12%7C13%7C14*.1527247-72330247%7C141%7C15,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:19,sis:426%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:8176:7413:21c:ce90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:12:27 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
326118906875223.mpd
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/ Frame 1A93 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCvASmJrO9ijllhjccNbu4hdGtb3GjmAfD61yvlNxdElQ&oe=6575F5CE
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0abbd4af67913b6acfa6a8c5de99539f2a8919cc47601d8e057e8de541c4420e

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
content-encoding
gzip
x-fb-content-creation-ts
1702116745
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
1
x-fb-latest-segment-ts
5843661
alt-svc
h3=":443"; ma=86400
content-length
1590
x-fb-origin-hit
1
etag
654c46b15024821892d46fbf3eec2853
vary
Origin, Origin
content-type
application/dash+xml
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=1
accept-ranges
bytes
timing-allow-origin
*
priority
u=1,i
326118906875223_0-2796.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		37 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2796.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e64a7f573c234b822ba5781b74571438a69f6aeddb3cb96d3b74c848eab79be

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:27 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:25638496;p75:31897904
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:25638496
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
38280
x-fb-ull-ssbwe-v3
conservative:765627;mean:765627;aggressive:1822072
x-fb-first-keyframe-offset
711
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:657896;conservative_median:657896;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:19228872;p75:31897904
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
25
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:7787
326118906875223_0-2797.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		28 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2797.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ff01fe8edd72c6bb4f00ef31950ce0a35c6acb24cc5cd4e1acecdc6c3df0d5f

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:28 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:25638496;p75:31897904
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:25638496
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
content-length
28842
x-fb-ull-ssbwe-v3
conservative:777109;mean:777109;aggressive:1822072
x-fb-first-keyframe-offset
215
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:696840;conservative_median:696840;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:19228872;p75:31897904
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
24
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:8044
326118906875223_0-2799.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2799.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a4cf779b660d70be388759dc223fa0aeaa933e7979d0301226419f2015076f9

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:28 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:28302576;p75:31897904
x-fb-dynamic-latest-segment-id
2798
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:28302576
x-fb-dynamic-predictive-response-chunk-size
4457
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
x-fb-ull-ssbwe-v3
conservative:758531;mean:758531;aggressive:1822072
x-fb-first-keyframe-offset
186
x-fb-origin-hit
0
x-fb-ull-ssbwe-v3alt
conservative:670352;conservative_median:670352;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:21226932;p75:31897904
x-fb-video-livetrace-encoding
dash-lp-pst
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
359
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-pst:8405
326118906875223_0-2798.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		34 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2798.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63d4788816b3985fc7c7ee485e096af6d5001045d813c273b6bbb4f83ead2437

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:28 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:28302576;p75:31897904
x-fb-dynamic-latest-segment-id
2797
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:28302576
x-fb-dynamic-predictive-response-chunk-size
17252
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
x-fb-ull-ssbwe-v3
conservative:758531;mean:758531;aggressive:1822072
x-fb-first-keyframe-offset
1148
x-fb-origin-hit
1
x-fb-ull-ssbwe-v3alt
conservative:670352;conservative_median:670352;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:21226932;p75:31897904
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
23
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:8290
326118906875223_0-2799.m4v
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/ Frame 1A93 		41 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-qd-v/326118906875223_0-2799.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:28 GMT
x-fb-ull-ssbwe-v4
p25:13183520;p50:25638496;p75:28674064
x-fb-dynamic-latest-segment-id
2798
x-fb-ull-ssbwe-v4alt
p25:13183520;p25bis:13183520;p50:25638496
x-fb-dynamic-predictive-response-chunk-size
17339
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
alt-svc
h3=":443"; ma=86400
x-fb-ull-ssbwe-v3
conservative:713301;mean:713301;aggressive:1822072
x-fb-first-keyframe-offset
486
x-fb-origin-hit
0
x-fb-ull-ssbwe-v3alt
conservative:648944;conservative_median:648944;aggressive:1822072
x-fb-ull-ssbwe-v4scaled
p25:9887640;p50:19228872;p75:28674064
x-fb-video-livetrace-encoding
dash-lp-qd
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-fb-response-time-ms
351
priority
u=1,i
x-fb-video-livetrace-parentsource
CDN:elb:M:iad3c02:dash-lp-qd:8877
326118906875223.mpd
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/ Frame 1A93 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCvASmJrO9ijllhjccNbu4hdGtb3GjmAfD61yvlNxdElQ&oe=6575F5CE
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
813fcb9f341d0530a108631da8ca21e551be94e6f604c89a3b2ff66d84fabe99

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:12:28 GMT
content-encoding
gzip
x-fb-content-creation-ts
1702116747
cross-origin-resource-policy
cross-origin
x-fb-edge-hit
0
x-fb-latest-segment-ts
5845837
alt-svc
h3=":443"; ma=86400
content-length
1586
x-fb-origin-hit
1
etag
bc39d6f14fbafa6145930c44be9ffe80
vary
Origin, Origin
content-type
application/dash+xml
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control
max-age=1
x-fb-edge-debug
Yv3IRyoc8X1aYoXGZ79qKcblMivdK1QHwvKzBbjQ3UmPdH9ARg2yM5lnXcKA7DnDFWeXT5ul9IqkO5e5HITnHvzDGMZduL0No0keUPA6L_BSRB1-FHlKHKQWXQaeh_sD
accept-ranges
bytes
timing-allow-origin
*
priority
u=1,i
bz
www.facebook.com/ajax/ Frame 1A93 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310535746925145667&__req=6&__rev=1010319003&__s=%3A%3Acvsr5e&__sp=1&__user=0&dpr=1&jazoest=21813&locale=en_US&lsd=BBCZTKmQCQuonA0XE7t6hZ
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f796b486e7dc%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff178d9364ecb74%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryzxaaE1aDnG550YV0

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 10:12:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
j+a394C/Xtsg45fMJ+heLj5i3c3HM2Q4gt9YRVyLkK23ktKZy9rRlfgH9m4hxIjYLLHGGp8vbSJLwmebKB4YtA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary
Origin
content-type
text/html; charset="utf-8"
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
326118906875223_0-2800.m4a
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/ Frame 1A93 		0
0
326118906875223.mpd
video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/ Frame 1A93 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=AFqS8Ov4x6EAX-ACKjb&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfD-QrFTWEacVoGXl-Dn9GJlgofADNqaov_GRchnd7452w&oe=65798585
Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX_-6y62&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDUOvmTQeDCEmFj7DQ4oGTHihUpkgfSL3lPMZa5-nHhgQ&oe=65784515
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX_-6y62&_nc_ht=scontent-iad3-1.xx&oh=00_AfAWvNRZ24uNPpZJWnYAITcFdsx2961G9qOb73g59CvNyQ&oe=65784515
Domain
external-iad3-2.xx.fbcdn.net
URL
https://external-iad3-2.xx.fbcdn.net/emg1/v/t13/10041237451703642184?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2FCoupang%E9%85%B7%E6%BE%8E%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbG6Z6bBB68oriFn88lXUaGaVp6LxNDBRrpy7Rd9Fk6UfQ&oe=657630AA&_nc_sid=e42f53
Domain
external-iad3-2.xx.fbcdn.net
URL
https://external-iad3-2.xx.fbcdn.net/emg1/v/t13/9383379062544900719?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2F%E5%85%83%E5%A4%A7%E9%91%BD%E9%87%91%E6%99%BA%E5%AF%8C-icash-%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGen92nwHbO2RE8c4hVbX7HZuhiORSFy1pIvPN6SfDCmw&oe=6575D057&_nc_sid=e42f53
Domain
scontent-iad3-2.xx.fbcdn.net
URL
https://scontent-iad3-2.xx.fbcdn.net/v/t45.1600-4/377339650_120200301975300248_5194458254965859906_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=111&ccb=1-7&_nc_sid=528f85&_nc_ohc=jvO2BowEKi4AX-mFXRc&_nc_ht=scontent-iad3-2.xx&oh=00_AfA9SiKzRQmToZH4JU3-U3tRv5t4vZXhQI-DfvMQea0S_g&oe=6578AA36
Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/377987026_690579996425570_2654391587099280527_n.jpg?stp=cp6_dst-jpg_p160x160&_nc_cat=101&ccb=1-7&_nc_sid=ab7367&_nc_ohc=Awi1ilN6StcAX9PGKhX&_nc_ht=scontent-iad3-1.xx&oh=00_AfCaUSoqJtt7GImM8vyASLgohFGpeJMMsi1dozQUv5uESQ&oe=65793774
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKh963m3i3i2i5U4e1qzEvzEdEc8co2czobo7W0TUhwj82owbC0LVEdEnwcG0KEswIwuo662y1nzU1vohwnU14E9kbxS0sy0H8-0KU3mwkE5G0zE5W0HUvw4Jwp8ow46wbS1LwqobU2cwcq0mW&__hs=19700.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7310535733312729682&__req=4&__rev=1010319003&__s=%3A%3A8gf5wr&__sp=1&__user=0&dpr=1&jazoest=21775&lsd=lr4EWeALT3pVlUX71IS8dI
Domain
video-iad3-2.xx.fbcdn.net
URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/ID/dash-lp-pst-a/326118906875223_0-2800.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Domain
video-iad3-2.xx.fbcdn.net
URL
https://video-iad3-2.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASd2YFD3Ert-AZzVEySAVBxIqd2nS2lEdC0yVwySpmkYVA/_nc_ohc-i9LsdQ7f3xEAX8Lu8EU/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCvASmJrO9ijllhjccNbu4hdGtb3GjmAfD61yvlNxdElQ&oe=6575F5CE

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady undefined| google_measure_js_timing number| google_unique_id object| regeneratorRuntime object| ox_esp object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| GoogleGcLKhOms object| google_image_requests

59 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1702116739966.159841516
.reurl.cc/ Name: _gid
Value: GA1.2.1108869898.1702116740
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.412506686.1702116740
.prnasia.com/ Name: __cf_bm
Value: Jb2XNjmKGiHEctkw6nzgOKhB3FMZW8kILikqNgDdNNo-1702116740-0-AbjHaisQgZlAWy3MvatQkOASRa446puFLe2OY6/PK8lrkhZwoBUcOuzrzGGy8Mbxs5MRIGuiwaX7hV1GsPdDXr8=
.openx.net/ Name: i
Value: efab48ee-f4dd-473c-b6ce-bd6926329208|1702116740
.openx.net/ Name: pd
Value: v2|1702116740|jElYiuvOhI
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: b3d41238e0b7832d7083bc56664162b6
.reurl.cc/ Name: _cc_id
Value: b3d41238e0b7832d7083bc56664162b6
.reurl.cc/ Name: panoramaId_expiry
Value: 1702203140524
.adsrvr.org/ Name: TDID
Value: 79e2fd74-05cb-4538-80fe-799c8e1a79d8
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiInJj7waq8PBAFOAE.
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: ZbTVJJ-kRQRbbz37ne18OBA7ezk4B9Y
.ladsp.com/ Name: lum
Value: CI6cwfDEMRIFCAMQ0AU
.openx.net/ Name: univ_id
Value: 537072971|79e2fd74-05cb-4538-80fe-799c8e1a79d8|1702116740620787
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyMTE2NzQwfQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlwqvgN2yTJIeCmP004EJbEWZ8lwhWnJP0oNKKNZI2hAuJQfkIBg4Pu_T13
.send.microad.jp/ Name: TR
Value: db1730fb270e326aa7c1cc034f25ae25b08e93526f12311d
.doubleclick.net/ Name: APC
Value: AfxxVi5fyF8weeRb20GY5Yo019x08QpKVElcvMAsF_cbOlONsNg1NA
.turn.com/ Name: uid
Value: 9073924198830383431
.reurl.cc/ Name: __gads
Value: ID=2b599f4360e322bd:T=1702116740:RT=1702116740:S=ALNI_MY1y_wKjlyEGtWMs_GZirv1Mbw_yw
.reurl.cc/ Name: __gpi
Value: UID=00000ca7c127268b:T=1702116740:RT=1702116740:S=ALNI_MbVON0B5FrP9WILzpTn7-nOIOaDbg
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1702116740.1.0.1702116741.59.0.0
.criteo.com/ Name: uid
Value: ce6ec286-7e67-4438-b544-46b15e999b81
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZXQ9hca..DyOYqKWRo9LRQAA
.casalemedia.com/ Name: CMPS
Value: 5349
.casalemedia.com/ Name: CMPRO
Value: 5349
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.lndata.com/ Name: admckid
Value: 2312091812201649805
.hinet.net/ Name: uuid
Value: 924b0039-31f9-447a-a8f2-b8fe9f40517a
.holmesmind.com/ Name: fcm
Value: 1
.holmesmind.com/ Name: Vision
Value: 20231209-23:59,20231209-21,20231209-21,20231209-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 776522-kw7tnYuVdVrDodmh0oPAn2y8hwty6nEq
.reurl.cc/ Name: CFFPCKUUID
Value: 2185-p6mszAjpOYJ0uC9JZ50kwCq2CHGESBhW
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 4202-rKaOSkl2jdYwOuGFKNm4O8BFEVDsh762
.reurl.cc/ Name: FPUUID
Value: 4202-0d578ec5f470c55353562a7886850c79
.c.appier.net/ Name: _auid
Value: GTOAGw7cAq6SzR4Ahj10ZQ
.reurl.cc/ Name: __htid
Value: 924b0039-31f9-447a-a8f2-b8fe9f40517a
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.fout.jp/ Name: uid
Value: CXd3lz1LEL0lSwuhlOTcpBsQYLY
.ctnsnet.com/ Name: cid_e5e312ecbcf24ce3b9d36562d9e6bd0b
Value: 1
.ctnsnet.com/ Name: gid_CAESEGALEdzBSxrZAjaiT0m6BRI
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2605149718085338965
.yahoo.com/ Name: A3
Value: d=AQABBIg9dGUCENidooNk8dCqvz6luQFIIW4FEgEBAQGPdWV-ZQAAAAAA_eMAAA&S=AQAAAqxDBWBtVcrMxtdlWUExbbo
.googleadservices.com/ Name: ar_debug
Value: 1
.bidswitch.net/ Name: tuuid
Value: b2a5201d-7a8e-4a00-a57a-10339b9d3278
.bidswitch.net/ Name: c
Value: 1702116744
.bidswitch.net/ Name: tuuid_lu
Value: 1702116744
.bidswitch.net/ Name: google_push
Value: AXcoOmTX2_6Ymk_38g1HhKtpCuBlDiRJ496qbk5IK2jeOMA5q5rGgQFCvkYNTGfZ_0rIvV2t1pAAS08HulgraxNHstIYa63PCESuag
.yieldmo.com/ Name: yieldmo_id
Value: 3zRBxFFuuwFUVCweIq70%7C1702080000000%7C0
.reurl.cc/ Name: cto_bundle
Value: f08ab19JTXF3JTJGODBmRkJzVWZINXFocWx1NTFzZFFtejdjWUtUWWNNUnNxUXdaQnJaYUpncFRLR1dnVDZzQjkyTUtFZFBCaXVudWJYWEIwVFhNdWswV3E1bWtNMkQzblolMkY4YVFiTXdzJTJGS29kZDZtRUJSZGVOYVh0YlJCNkhtVmNaak5oSmZqcUdCRjd5RHplRjhQek9hRFJXZmclM0QlM0Q

10 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
deprecation warning URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz(Line 276)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3318bfa341e2149bee175f178e6212a6.safeframe.googlesyndication.com
78a509a266925957f14ecca352a8886e.safeframe.googlesyndication.com
924b0039-31f9-447a-a8f2-b8fe9f40517a.t.ssp.hinet.net
ad.doubleclick.net
ad.holmesmind.com
ad2.apx.appier.net
ads.yieldmo.com
analytics.google.com
anymind360.com
asset.re-news.tw
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
c1.adform.net
cdn-ima.33across.com
cdn.doubleverify.com
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
d.turn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
external-iad3-2.xx.fbcdn.net
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
reurl.cc
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
s-cs.send.microad.jp
s0.2mdn.net
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync.fout.jp
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
us-u.openx.net
video-iad3-2.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
external-iad3-2.xx.fbcdn.net
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
video-iad3-2.xx.fbcdn.net
www.facebook.com
103.132.192.30
104.18.35.167
116.50.36.71
139.162.78.222
142.250.196.130
142.250.199.98
142.251.222.2
142.251.42.198
151.101.1.55
172.64.151.101
174.137.133.49
18.138.89.19
18.182.111.97
18.65.185.71
182.161.74.11
185.84.60.20
192.0.77.2
192.0.78.236
192.0.78.25
2001:df2:a300:bbbb::136
202.232.238.37
202.233.84.8
203.75.214.136
210.59.219.34
211.120.53.204
2404:6800:4004:801::2003
2404:6800:4004:80c::2002
2404:6800:4004:80f::200e
2404:6800:4004:818::2003
2404:6800:4004:81e::2008
2404:6800:4004:81f::2002
2404:6800:4004:820::200e
2404:6800:4004:821::2002
2404:6800:4004:822::2001
2404:6800:4004:823::200a
2404:6800:4004:824::2004
2404:6800:4004:826::2001
2404:6800:4004:828::2002
2404:6800:4008:c01::9d
2404:6800:400a:805::2003
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:929:5a01:753:f5e4:6f9c:e3e1
2600:140b:a800::17c3:5b8a
2600:1f18:1aca:4282:8176:7413:21c:ce90
2600:9000:20c4:a000:1e:5c56:d400:93a1
2600:9000:20c5:3200:8:48e:53c0:93a1
2600:9000:20e4:7400:0:e06c:e940:93a1
2606:4700:3034::6815:6009
2606:4700::6811:eec2
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f003:101:face:b00c:0:1823
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:187:face:b00c:0:25de
2a04:4e42:600::485
3.0.243.35
3.33.220.150
34.102.146.192
34.117.23.234
34.120.107.143
34.149.120.3
34.149.43.113
34.149.98.30
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.186.193.173
35.190.36.98
35.201.76.93
35.213.12.39
35.227.249.156
35.244.196.223
35.74.211.183
52.192.40.163
52.197.5.4
61.216.47.122
99.84.133.75
01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0210061ed0a4abc0263a7736faa5eb43cb8126bf3a350a89c49eee5a9db28147
074c0c0958c69b63ea201e57c238c90dd200eee99667fea19c713fba0175e4b1
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
0abbd4af67913b6acfa6a8c5de99539f2a8919cc47601d8e057e8de541c4420e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
1227da1f30cd91bcc03d92d6f63df9ed1752ca2fad652f7df206e55dd6f41c8e
1251a26f79546132084dfcf1b0616cbedae57c5560878d70cd4b16e7615bfb5d
12718ad584b8d0f53398c1cabf7ad5219908cd9286eaf4f47e11128a98dba658
160c72a1882339cfcedb15b0d425baed9fa9b4d8ee5c5be7bbd878676dddd315
1633103c00381f73cb62fd2fa4f75a9f6d24b1a4ffcc13e3fef7788b23189026
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
197cf9f704785e690d950b4cb570004989336fa75540d555aef7e396db1f2861
1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679
1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b
1bcbcd0462c2709611deeeaa97bae378a3e951a6135e98b1c5e41d6661c574a9
1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312
1e64a7f573c234b822ba5781b74571438a69f6aeddb3cb96d3b74c848eab79be
2044cd25e688faf5e6dba6c7f7820f7fe1c96ad80178c2f98d2d64e3312bdd7e
206603377c2fbc79471a97b70a798c665bca41a5071204b7e913e486287eb959
208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
223c3af9370b31d7b0e45a2f9559b147143bbd4a2c7a69125f6668eabcdff5a2
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
25089c2094ecc4602d7a990a25c0fabe8db11d117ee9fd8c3f24080d8a0b67ff
280555e90833f74ed9c01266459f9e2154a47b4e69e8461e8ab16ad26dc2eb05
2a73eeab28aea3cec0383f3b1aff4d10451fce9269b7ee6f6ed926f89bf9895c
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8
2c817cf617e9c30c5ac5155ba074057d21b06477fb0a3fcfb9152b967ac019b9
2d8e5707f61f87a2b7f6f47d0c80447272931698c0a7301d387e52162499b6bb
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318af6bdb38737c8f197d65bc1dff6908dee45fbb562a84247f28e82a43fd7ea
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef
3357e675ea4f190381d0d4969e3af833e76d64fd9f37881b2e3229a537e51b5c
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3676c75714b0e943982021629ad0962a6a822eeb2e907c8ae97b44f2e7d51619
373cff4a5be14637fbe35895c47e016b43fe37c32a6d704cd59da533185c6bb7
37ccfb30991194358f751ec4fd4671b6ab5461a4ac4ccc62d6fde6ce3f788da2
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d
3ac9bb6389f0e34f19e36ba8176214ed407b571a4e25d9a9eb8b6ceab4727359
3bcd3b9dd33a70702868257484389dec8761bc8a34a6881491e7a43583c68151
3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f5b3cd6f440203db7852219adf9d9048385af1bf74e769dfba3f7ae479a33a1
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
40f4b7485993353e029f85c2589e80079b7a815514598320bd688452185ccc32
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
437c5b6049506611b09a916f92298f70431ffaffbdfebe675123401b0218b065
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
466a2b83598f050f049b67846837901257419fee715406c1bcaff1d16ffe150c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47359059b0b29b8fc52c56402079fbba06ef266e5dc9870118a3a46b8a2f1b00
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733
4ae0349791dfb484708da6169c76aad16d987ab82c0e9828ac083a47e9890a9b
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4db541461647c28fb61f2fb64d440eaa2fe81abaf0758942e9d24af4b66e1ebc
4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f857826f81d25c367d30efd8fc55a8c02e62a78db2c54b595a961acd0f5c628
4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2
512007d94acd5b646c4b261cc0deb980be8902d6b4bb5f8a9a6b91fb2a58bfb4
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
537ca7a252b652d62df215062a8d00ba452611e7c778a9677118f67014c23d1f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a4cf779b660d70be388759dc223fa0aeaa933e7979d0301226419f2015076f9
5b6b12321b6a55be0f76667bdde586a2c31c20ae62ddc1a49e90f43088cd558c
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
5ff01fe8edd72c6bb4f00ef31950ce0a35c6acb24cc5cd4e1acecdc6c3df0d5f
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
63d4788816b3985fc7c7ee485e096af6d5001045d813c273b6bbb4f83ead2437
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
65071d12565792e01cf791100265d862ad777255d547046225ae3a2543c1acb9
6604d53f95876c8b7cabb0609501f5b453662e925a10a2e8002ecf3df5858439
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
6871de12df8d1d3da3dff8d6370933ba3630a6e9ce19bf93eca651967a221c42
68b6eb9c48e3b113a3d1872ef75032d9f7f9771d9d2617bf058d7bc2f5070831
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c90cf0682d3034d3a1f4ee5c3ab2cf248a274531b0d714011412c6d221aa042
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
75d5f53cffb1a406e6096a7ba6cc972337014c9b055842fe71dc7e7314dbbfe4
77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f
77cc2e91c6371e28a7881f86194898613191aecabe0c305cfec7cae1d2964cb2
785893da2b0c3e70d3dc875dd6dd3e0f11b3dc146a88f34ffce5ca031a5e412a
7ac6e513ea73e5c46385e523bdc35f294f90d1a4c737d9464418400653523797
7eb1615cb979594d3f72752d31d62a3ca93e5b9622ee4b2be5034d540fdca994
7f20464bcc65e39c5219d72ad575732d510fe863ba2b3d21b0a489e36a753eb4
813fcb9f341d0530a108631da8ca21e551be94e6f604c89a3b2ff66d84fabe99
81c276588619f1c40eedff545b03407fdb29f28a7cfc34ed0e53979e03006ed5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845f4b9447a86b51e3f620693907f7539986aa4cbe0072112e1118729f467a69
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
912daea3af555c4dcf176909f65c32156b99ceba768aaf0419a102603b9a459e
91524c70ede9562d1bd8976201f4f2fd6b24d2c4844f4f7d0d862e1c5a685f81
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
94eac0860820de05aadd6f3ba018554293cf27b11d11d0e6a0b0509676cfe9c8
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9701f3aa828bf62b68fe6a791d7deb8a2139bb11fbb8d052b8ac902ff2648b5b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0
9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9fb58c6c9fdcdcf6714b210c657d5bb812a33cfe7573ff60ea5d7b61fb4774d3
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a2d26787c163c76904362956f1632d950111421b5799dd19bd99e5d29b418158
a3e20e19ee80c742a25830eb84209ca1eaa4d2ef3fc75e131ede23d89b633cb1
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741
ac0bbdb325a55aa396c1b2c24b5213bc7d05634d182abceb6ddda30042e2373b
ae810551cd4bf2ddc48da91d05f75990b403af9d32a1387ddf29f6c0caa90460
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570
b38edecfa6faf279459e59458d16f69f3d4eea964acaf81f268b71c8af2e5bd9
b3cff0979ae4453a0f5e09b91417604d6481acb894f3734dbe0dbb5040086a46
b429486bdd6630fb3fdfa332e7919855881da3a3b2a51d62eaa1ced0862bfb5b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b50ba7cca50fd61ab72172f422203982d913084cb5f50731e79cd82aa00ad621
b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95
b8e642516dc8d83ae1e8b5364acfdc7fa6e589703f5237c671591ebe9db5708a
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c101c172df6fd1ea057115ceb1933d418cd7c0ef00d6932ad3383f478777825f
c10ceaf0f11c314d2de11e215aad1739e861676a38f93643f142a2f9644228d2
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c2c3293a14f79b383984a6e7cbc83230f56f64860c09a6aa3684cdb77bb6a4fb
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c5132ab11e6b9743c546a27d0e42d2548b2c39992cf0e7f57802d700e79139a0
c5d4bd00c93f687b2f1c47656a5dcee22ff87ae4dc205dd7d982d1082532cc29
c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
cf7c52d22ad6f42e3829d82f838f35edb70ca2541396ac81e50d0e7c862d48fa
d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7
d20cf80322259d9177611df3a6016556c8ee1c7b56376805c15d449c1785df0a
d3484f6294202e8f55486ecdd116702849ab075f1e3a182df8a4d06654aad425
d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
dd07581e56231d553bcbc4f77379226b1c0e5d612bdb630e92a41c4df2837620
dd5b883208737683591b97adc671269d8c2dc5ac6deae83a6cca6fc232ad91cc
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded932134f2104d9a06ff4f750e5ae1f6a365a4d98a88f7c5d3f8a392086f14c
dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4
e020872e332c740930142fd3f09564f8917bd62257445d61eb46ed974d961f2d
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2cab4b940c7e3f36763bc918ae1189e94470ada07aaccc64d301759bda7ec
e3f34d53782b37ff0c212cc42915f4fa80b265e4798c147842e92fa1bfe1c4f0
e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e6e2bd9d60bbb95105042f15104f1e98bf0321c60b01911e559fffbbc53afa98
e76120de695e8ada80fa020a780e36ffbabe2d750c1dc46d4934545d11aa8c81
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8d97e0da707b0d1b0c9bff85de9716f001df1678a8bfca416022056d34cdd72
ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f62ef0ed589ecb35e040a0e768da9c712dddd1354f93de734af2169936b3beef
f66a024262683368febb424cb6c22a4feaab9d1ccbff88b3c4ffeca1dc85f5d1
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f7c5a25ee12e00276a449115d2f6148f69f32365dd7af57f8ca2d222bedea268
f9ab2d0b1fd6ff343526a05199a2a3db6417076d5792d30f5ea83ccc29a936a3
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc3d26f45aff3d8f6b84e1b787a1fd06d2d6cd7da58a88b16d5593b940d816c4
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb