URL: https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 15 via api from JP — Scanned from JP

Summary

This website contacted 63 IPs in 6 countries across 44 domains to perform 185 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 396982 (GOOGLE-CL...)
2 2a04:4e42:400... 54113 (FASTLY)
5 34.149.98.30 15169 (GOOGLE)
1 151.101.193.55 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
1 11 2404:6800:400... 15169 (GOOGLE)
6 2a03:2880:f10... 32934 (FACEBOOK)
1 35.244.196.223 396982 (GOOGLE-CL...)
29 2a03:2880:f00... 32934 (FACEBOOK)
3 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2406:2600:4::1 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.65.185.102 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 18.139.4.93 16509 (AMAZON-02)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 61.216.47.122 3462 (HINET Dat...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.0.78.24 2635 (AUTOMATTIC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.185.136.122 15169 (GOOGLE)
1 35.190.31.54 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
1 192.0.78.236 2635 (AUTOMATTIC)
1 3 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f04... 32934 (FACEBOOK)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
1 18.172.52.86 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
5 35.244.159.8 396982 (GOOGLE-CL...)
1 18.65.185.12 16509 (AMAZON-02)
2 143.204.86.129 16509 (AMAZON-02)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 124.146.153.165 2514 (INFOSPHER...)
2 2 99.84.133.75 16509 (AMAZON-02)
4 6 142.250.207.2 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
4 2600:9000:20e... 16509 (AMAZON-02)
19 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
19 2404:6800:400... 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
1 116.50.36.71 18046 (DONGFONG-...)
2 13.113.11.114 16509 (AMAZON-02)
1 34.95.67.231 396982 (GOOGLE-CL...)
1 18.179.228.20 16509 (AMAZON-02)
4 203.75.214.136 3462 (HINET Dat...)
1 2 35.201.76.93 396982 (GOOGLE-CL...)
1 35.227.249.156 396982 (GOOGLE-CL...)
1 18.182.103.101 16509 (AMAZON-02)
1 182.161.74.11 55569 (CRITEO-AS...)
2 142.250.196.130 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 216.58.220.98 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 143.204.86.31 16509 (AMAZON-02)
1 35.208.216.174 19527 (GOOGLE-2)
185 63
Apex Domain
Subdomains
Transfer
41 googlesyndication.com
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
221 KB
28 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-itm1-1.xx.fbcdn.net — Cisco Umbrella Rank: 231760
578 KB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
283 KB
12 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 132288
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925
fcm.holmesmind.com — Cisco Umbrella Rank: 210108
fcm2.holmesmind.com — Cisco Umbrella Rank: 154750
c.holmesmind.com — Cisco Umbrella Rank: 107592
m.holmesmind.com — Cisco Umbrella Rank: 190604
ad.holmesmind.com — Cisco Umbrella Rank: 104322
64 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
51 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 116978
storage.reurl.cc — Cisco Umbrella Rank: 432247
6 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
4 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84860
09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad.t.ssp.hinet.net
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
258 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 38270
go.trvdp.com — Cisco Umbrella Rank: 34674
s.trvdp.com — Cisco Umbrella Rank: 30609
146 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
7 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
141 KB
3 re-news.tw
storage.re-news.tw
asset.re-news.tw
re-news.tw
81 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
720 B
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 27502
3 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
515 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
58 KB
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 27242
595 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
52 KB
1 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 161265
470 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 17722
527 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
879 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
857 B
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5797
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
612 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
87 KB
1 creditcards.com.tw
creditcards.com.tw
47 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 534895
46 KB
1 racingcharger.tw
img.racingcharger.tw
213 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
92 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20760
43 KB
185 44
Domain Requested by
26 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
19 pagead2.googlesyndication.com 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
pagead2.googlesyndication.com
reurl.cc
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
19 tpc.googlesyndication.com reurl.cc
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
11 securepubads.g.doubleclick.net 1 redirects reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
6 cm.g.doubleclick.net 4 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
6 www.facebook.com reurl.cc
static.xx.fbcdn.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 storage.reurl.cc reurl.cc
4 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
4 www.googletagservices.com securepubads.g.doubleclick.net
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
3 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
3 googleads.g.doubleclick.net 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
reurl.cc
pagead2.googlesyndication.com
3 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
3 analytics.google.com www.googletagmanager.com
3 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
3 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.googleadservices.com reurl.cc
2 c.holmesmind.com 1 redirects cdn.holmesmind.com
2 cm-dev-poc.holmesmind.com cdn.holmesmind.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 gum.criteo.com 1 redirects static.criteo.net
2 scontent-itm1-1.xx.fbcdn.net www.facebook.com
2 oajs.openx.net 1 redirects reurl.cc
2 www.google.co.jp reurl.cc
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 cdn.jsdelivr.net reurl.cc
1 09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad.t.ssp.hinet.net cdn.holmesmind.com
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 s0.2mdn.net 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 mug.criteo.com reurl.cc
1 ad.holmesmind.com cdn.holmesmind.com
1 m.holmesmind.com cdn.holmesmind.com
1 fcm2.holmesmind.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 cm.lndata.com cdn.holmesmind.com
1 s-cs.send.microad.jp 1 redirects
1 www.gstatic.com 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
1 fonts.googleapis.com 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 go.trvdp.com cnt.trvdp.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 re-news.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 asset.re-news.tw reurl.cc
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 storage.re-news.tw storage.reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
185 70

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3
2023-11-18 -
2024-02-16
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
storage.reurl.cc
GTS CA 1D4
2023-12-10 -
2024-03-09
3 months crt.sh
anymind360.com
R3
2023-10-25 -
2024-01-23
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-23 -
2023-12-22
3 months crt.sh
storage.re-news.tw
GTS CA 1D4
2023-12-07 -
2024-03-06
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.co.jp
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
asset.re-news.tw
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority
2023-10-22 -
2024-01-20
3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-11-24
a year crt.sh
tls.automattic.com
R3
2023-12-08 -
2024-03-07
3 months crt.sh
gbyhn.com.tw
GTS CA 1P5
2023-11-20 -
2024-02-18
3 months crt.sh
re-news.tw
R3
2023-10-29 -
2024-01-27
3 months crt.sh
*.rayskyinvest.com
R3
2023-11-04 -
2024-02-02
3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA
2023-08-03 -
2024-01-30
6 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.trvdp.com
Amazon RSA 2048 M01
2023-07-26 -
2024-08-23
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02
2023-01-22 -
2024-02-20
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2
2023-05-19 -
2024-06-19
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018
2022-11-23 -
2023-12-24
a year crt.sh
*.t.ssp.hinet.net
2023-04-06 -
2024-04-06
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2
2023-09-02 -
2024-10-03
a year crt.sh

This page contains 20 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: F548FFABE65EA77BF784AB29EF598FFD
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 2975744B54D65BFA3B861F1E54E7BFC7
Requests: 38 HTTP requests in this frame

Frame: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6682AD8BEAC753EAD9BBE6F5309C4983
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 48611671D2D23BECB13B7E2983262F99
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlgjrIOyx1j9GXVMR7jqJ_SnhCl1pR-rgg2n_ohB7pCjPoxWCx3iAa1ZBbSb6YfGYmJTQPKvuHCTWT9iR-c2qSu5sQAsJhqgk2Y6t19DTORMJHqakelU8OZb5-C-YOoIYXRs0YXQlkHH40uzzcHy2vcLGMqQOHNdBpLD65Gi3FD_sGjNOpjoKVRpNzvkgKdPNmGgdnxmGmXYvGc6Gn2SnO3yngJicvYMVToyGb6OLknOyEu6xnjXtD-5NLoJJekTav7UT_SuCeyUAl-RMZ2Kf3ubW4-IkqqgA0BV25iNsHzpk-BznBwL5NUFBBuMd162iNwPdGftA4ehoyhgWbSfPIZ1QHNihdBnRljkn69XNe8hG8gA2lBrwbhkPzRo1GQgqOMndX9A&sai=AMfl-YR8A0k0VI4_XYpfUX4BlLtgRAXP-gLv3raELDZW37UIc-RSC1fJc_1F1hpt58Z31fMTJLoh91C-mvHSSaQLkw74tzwt8Ben4MdR2b0n6V4oZdXHoxLlU4Sh6uGHkNO0gkLu-1CjM3Nd9lwwuLhNfQY&sig=Cg0ArKJSzOdDIpAHCN5WEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AABDBE44E37112EE7C22F4822E7D757A
Requests: 6 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E804B9D18AC10322891D2B7D32DA0DF7
Requests: 6 HTTP requests in this frame

Frame: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2EC10B23472804CCAE039F3BBB91BF7E
Requests: 17 HTTP requests in this frame

Frame: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59D17902D2988BD7052CE27B3E5A8456
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: A59D334509A1B2D0D06E0BDF74F971B5
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcyn5jk58sJr9feymJlmal14dTTtkL7BZsP5JCRw_YZTBdrHil9ekSltoFnOhhCaQmhLP-_h4vsTSj-IEW0gEbXH0S9AOUAXOs5HpO2nju_js94RIdDe4yqfcg29ApaIUPJU1V4esU3YxZYlOHvu9Pot5LXiVt9d2jL9NW3gpE95JZ0wcF0n6SvTO0qgOPWAtM65fd5JGJNqdL8h8DIRaGB6YOKk-QNgTh-vqp4-y1tPlmyaYJhNypyMGG_HnwY4DRnQRpt_Qhj7BhsFgQRjCgmLbwiS3ihbVcxV0IWvl0mI3RyVdTcF3NRpsrMiQ0HgAEm0FI9nXfcAD66wk8v6GPSIWxUoLlzctyTVCiLObVslwNGEH6GO_D6tx1FFsF79A20vM0z8hen4M&sai=AMfl-YSaUmkBoO0GKl5p_w_B_8T_KaJFzV3C9LzRaQY2RKi8dNqE66TeGbeYWn85mgSWltzncFVDzv-qaAesHOE9Rbk3kU9U4T7DxN4BrEZhQfFefdRVWcfYovFKJrYkZvpOVN5uwT5y6v9HoWq2sq_TwxSG&sig=Cg0ArKJSzMIAuNYOYP99EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 62E5294C642435139333CF13F8DAFC26
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMO9FRDwqeLgBRjru4OBAjAB&v=APEucNWH7EFFf2CmySKfygGBk1cj-h8CiLGpbhQxcPEF0jSsf7o_AKvpsa8OuIrgSxdHizkoeDTAi1kEMXFTmkF6eQD6u9zi0A
Frame ID: CE74B04F502ED58007C421BBB8462D9D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: DE60721AC4698E1813448581CD6754F1
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 12AA44063E64E242CF62E6AB86697851
Requests: 3 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 0355E2C2FAA46E57F1D537CCF574A6C2
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: D3E34588BEE2AA98224705F5975C257C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 93B8AA2472C461AAFF06EFCF72E14454
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 67A43063A41258090730FBD02B87A764
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 511D8D1123FCB3C69CACF5B44AAFF0DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4551206795A8C12C8AED467A1D5B936C
Requests: 2 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702618627&level=0
Frame ID: 3327107B09A6B803D1B8D8C07116B5D6
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

185
Requests

90 %
HTTPS

41 %
IPv6

44
Domains

70
Subdomains

63
IPs

6
Countries

3733 kB
Transfer

8623 kB
Size

43
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Request Chain 82
  • https://match.adsrvr.org/track/cmf/openx?oxid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=08956d7e-87b3-4f97-9b4a-769ca3ad51ed&ttd_puid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0&gdpr_consent=
Request Chain 83
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXvmAcCo8XwAAAJP.5EAAAAA
Request Chain 84
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATy5_3YpjwFeks8AED1M4hbVHM8AAAGMa_p1Jg
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwGHKVUj6yAvk6Vu3V_vog&google_cver=1
Request Chain 131
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1&C=1
Request Chain 133
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXvmAcrJFugJqOmp6FvjNAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1
Request Chain 134
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 141
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDuGvXuJPM7HUmfOWHyxP6I&google_cver=1
Request Chain 152
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FO0THHw1MEV2cFdSUDJnWE9ZNEYwQVczUDBTSkpwT2VIRXpoT3ZoYXVqaHJNS2tVK3RUNzZpQmcxWldxTW9BVFMrWWdkRFA4UTlIZWV2U1hOWnhIVktFSHpzb05UM3F4T0grUTVCZytKWS8ySldQNkwrYnAyVDFNdWpDRGo5MkFmMUdFNWNQOEhxNFlqbER6ek9Gd0RlUTNyM1hHc2ZtbWFoQzExYmJicy9UZkczMEgyU0xCSGFuNFBiS2xTcEtLOFpiaXk4d1NDdXVoUlBSMGdBaTFtcjk2TUhZSFBkVE5obEdKK2N3NWQ1TEJvSHNEbEJqVkh4cW5VSDJ3bXd4VmI5RjEyblNQaXIrWDBYV3B2cUY4amRFeWpCZz09fA&cppv=2
Request Chain 154
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CosgIAOZ7ZcyDNaXN29gP5YCGiA2g5rzPdL3-1sqAEmQQASDSzIEaYInzxYT0E6AB6OzP-ynIAQmpAtE7jPTERD4-4AIAqAMByAPLBKoErwJP0FruZSjjRAZ9RlAsVvi-axelojJi8as26v5ksbjVK139srwn8SlSRogKJw_t6aKAxwGbB-_HZrTdKfPkoaLD8boGdAF8eP4seIpDJ4oBqelFqHZ7muSvqIaI_qWL2oDPrZm8f8H9OCx5NXcV5IYxvgtyKmcc6WrH--FDuxNe5vN6ShOo0Yrjt2CZ0Bln696RtGK1sujca_FoY5TXYOyvd0cgAn15qlhPYQsfgyEN1al6i0KMwB_fED5WLs1gL_c4RgZN9tY-6wcSon4n-CZXWlMc-O_ocKv5o0-s4xrQDtbZ_4qU6J7hjxSSBHeWAJWODr6FwCerb92yivEHJ4T2dCspHBuRkwUgFYLdPA1eLTnIv5PbBaHE5hLhdS1iFeX_q2c07YQ82QbsSvHPf13ABO3Nx7HFBOAEAYgFoZHiiUySBQQIBBgBkgUECAUYBKAGLoAH6KSg2wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCw_wTSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WPWQydLckIMDmglxaHR0cHM6Ly9zc3cud2ViLmRvY29tby5uZS5qcC9rYXpva3VjcC9pbmRleC5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y29udGVudCZ1dG1fY2FtcGFpZ249Y3AyMDIzMTFrYXpva3WACgPICwGYDNu5usHEBKIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBEKCxCgoPPG2cWul6oBEgIBA-INEwid08nS3JCDAxWl5hYFHWWAAdG4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=tWm9i5Hxrxw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9db577a9860a1cd40000000000000000%22,%222%22:%220x563bcb368ab943c50000000000000000%22,%223%22:%220x8007d56ae9a765e30000000000000000%22,%224%22:%220x9a925f65a7096f150000000000000000%22,%225%22:%220x7383aa0e08442df00000000000000000%22},%22debug_key%22:%229421317298271742194%22,%22debug_reporting%22:true,%22destination%22:%22https://docomo.ne.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211265111656%22],%2222%22:[%22true%22],%224%22:[%2212-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222444909887225167905%22}&andc=true

185 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gaOWLp
reurl.cc/
9 KB
3 KB
Document
General
Full URL
https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f3607a5ebca90d189de9d9a0f68a588db5c038fd1c6dfdce5f3ad0ab25f86798

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 05:37:04 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cla2.cn/SpY
vary
Accept-Encoding Origin
x-request-id
ea076b02-a476-421b-b017-d255de68fb4d
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
content-encoding
br
age
4404991
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700059-NRT
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/
2 KB
1 KB
Stylesheet
General
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:53:23 GMT
content-encoding
gzip
via
1.1 google
age
9821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
4de360eb-81df-441e-8af5-57b02230b809
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/
181 KB
43 KB
Script
General
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 14 Dec 2023 09:12:09 GMT
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
73495
x-guploader-uploadid
ABPtcPoOulXFMbxtMW3_1ojS0Iu-HrIg38MAFf1Kq0zHQDWt_C-mVA03x10PLsC21KO3I4TuJ05i_HtchQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43095
x-served-by
cache-tyo11954-TYO, cache-nrt-rjtf7700060-NRT
last-modified
Wed, 13 Dec 2023 09:45:54 GMT
server
UploadServer
x-timer
S1702618625.507642,VS0,VE0
etag
"e72b07c558bc8728eefd5f440f0b9622"
vary
Accept-Encoding
x-goog-generation
1702460754270910
x-goog-hash
crc32c=8F8jdg==, md5=5ysHxVi8hyju/V9EDwuWIg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
43095
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
35, 53
pixel.js
storage.reurl.cc/javascripts/
429 B
530 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:28:26 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
18518
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
af508d3d-4931-4dc7-8a9e-d50ea332c040
ga2.js
storage.reurl.cc/javascripts/
536 B
630 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:59:24 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
9460
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
c83cf02c-625b-4c25-a8aa-f635c38d94f6
js
www.googletagmanager.com/gtag/
278 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be7d6c3760ef09b16b7f89b3037b2b96ac05b23a9cd6c52944a4bbdfb7040429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93917
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 05:37:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
addc9ac5a210b45df2df56baa4a6ce12ad514c1826ccacd468c7b9c9b218cbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
111 / 19706 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 05:37:04 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/
84 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
content-encoding
br
age
4412018
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700059-NRT
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/
412 B
406 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:26:37 GMT
content-encoding
gzip
via
1.1 google
age
18627
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-request-id
53a5df70-4531-4fd1-946b-87c557b78393
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
loading.js
storage.reurl.cc/javascripts/
134 B
230 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:12:35 GMT
content-encoding
gzip
via
1.1 google
age
19469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
2a8a3d98-3deb-4f02-8591-12e925dcf959
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
page.php
www.facebook.com/plugins/ Frame 2975
101 KB
27 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
392528f2d2355a88ac20203a4a58b28ffeb4a4ebb07491f0674553eed523a78c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:04 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Fi6qNwAplEqSWXt+m9RgTi9AB0br1YHwwm2d9I7D8xWTG3PKFJEzmdtxP50q8UwZf29BV7lLmSGUQ02ucC0oHg==
x-xss-protection
0
feeds
storage.re-news.tw/
7 KB
7 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
4371540363ee4057ce880f4cabba16b2eadc29309528697a1a5debce615928a0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1a31-BgnyY8QHNS53XcADmolWiGJLpqE"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6705
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 05:37:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hIIt0Ur038ndWJZl2ZuOsPjbNXqqj2vccqzjzLtvYWwQigM0ny6VHHJm2ZzJPNAwJhSAdtjo8EdTkXfW2GbLkg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 04:42:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3255
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 06:42:49 GMT
1675200226052423
connect.facebook.net/signals/config/
126 KB
33 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52ac73f3f70e5fb8aec73f2866f3549d1cacb6022b8710d6d432326571543bc0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 05:37:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33887
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
OZ2UTTuzJOQdpTI+vQW/qUFkxnlNW+EsRQclrXLazFvNJXl4Cz00QmkbXwr71/6q9WfUIHQMpLahbcd+fo9aOw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702618624695&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702618624693.1050623409&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702618624675&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 15 Dec 2023 05:37:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
4 B
142 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=178330083&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1836210199&gjid=1194483521&cid=460386100.1702618625&tid=UA-102456694-1&_gid=1615450021.1702618625&_r=1&_slc=1&z=886341997
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=178330083&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNzE&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=460386100.1702618625&tid=UA-102456694-1&_gid=1615450021.1702618625&z=251999351
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 21:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29809
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
64673
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 13 Dec 2024 11:39:11 GMT
collect
stats.g.doubleclick.net/j/
7 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=460386100.1702618625&jid=1836210199&gjid=1194483521&_gid=1615450021.1702618625&_u=IEBAAEAAAAAAACAAI~&z=748203533
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Dec 2023 05:37:05 GMT
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
553210
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
835c55253c4de031-NRT
expires
Mon, 18 Dec 2023 05:37:04 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:27:09 GMT
content-encoding
gzip
age
252595
x-guploader-uploadid
ABPtcPqzcVVajkCDE4mbYC6pJbCSBO_uOHcQNDwWrnFGCUgCLmhLXn66E78ilU9rK9LWrtBnrTLSgnHiLrQcqT6KixOpglQdt4Df
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 11 Dec 2024 07:27:09 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
ea65ff583998bb0f4a0cdf379e4ce513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-102.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 22:15:15 GMT
content-encoding
gzip
via
1.1 aaaa38f6638fefc2221f20ff18eceef2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
26510
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
UUQXpc-bOeMcAQM9uhBlNSlA209gNDi9orKvqYePBXpVhTGTpYipNw==
ads
securepubads.g.doubleclick.net/gampad/
271 KB
69 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3293765971640957&correlator=779092113718995&eid=31079959%2C31080121%2C31079976&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702618624800&lmt=1702618624&adxs=245%2C1005%2C245%2C625&adys=455%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=460386100.1702618625&ga_sid=1702618625&ga_hid=178330083&ga_fc=true&dlt=1702618624484&idt=288&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1645cad81d4bb76aa3fbd0ce39096969dff9bd1b54157e67b44726f3eb02048d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70645
x-xss-protection
0
google-lineitem-id
-1,-1,-1,6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3293765971640957&correlator=779092113718995&eid=31079959%2C31080121%2C31079976&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702618624808&lmt=1702618624&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=460386100.1702618625&ga_sid=1702618625&ga_hid=178330083&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnebp38YxSABSAghkEhsKDDMzYWNyb3NzLmNvbRid5unfxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ynebp38YxSABSAghkEhcKCHJ0YmhvdXNlGJ3m6d_GMUgAUgIIZBIUCgVvcGVueBid5unfxjFIAFICCGQ.&dlt=1702618624484&idt=288&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afda040b9c4be8b58e9a50e55b5ef67ebb10a32f79fa0726f2472db9426d6797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12497
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6682
6 KB
3 KB
Document
General
Full URL
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:04 GMT
expires
Sat, 14 Dec 2024 05:37:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
240 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702618624612&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=460386100.1702618625&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702618624&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=516
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=460386100.1702618625&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=460386100.1702618625&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=1086248246
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
85 B
193 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2937482391e1d0c459728ab5318f3b019d5d7f85551169109a679eb705af3e4a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-uLmCt/WIVsAKiikaVQPNLdTdRTs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 15 Dec 2023 05:37:04 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/
156 B
608 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.4.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-4-93.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8564ffcd269b752d68f22746edf53a1499ef2c26ed7a1fc9c8370d81753fbb87

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.6.157
access-control-allow-credentials
true
content-length
156
expires
0
hixai_01.png
asset.re-news.tw/images/
50 KB
50 KB
Image
General
Full URL
https://asset.re-news.tw/images/hixai_01.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:30:33 GMT
via
1.1 google
age
392
x-guploader-uploadid
ABPtcPqpHxPGd1-wRKfBDQ9asFZsw9qihfkmw636SONPd38PWFH4xfudOioJ9PIVZo7dJSEfiVckPwwJOpwMJIm9nOs_Yw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50782
last-modified
Wed, 13 Dec 2023 00:18:11 GMT
server
UploadServer
etag
"4bc4e9cf9ad6014d41500be13cd9346a"
x-goog-generation
1702426691735325
x-goog-hash
crc32c=YULtsQ==, md5=S8Tpz5rWAU1BUAvhPNk0ag==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
50782
accept-ranges
bytes
2023121502200385.jpg
img.racingcharger.tw/wp-content/uploads/
213 KB
213 KB
Image
General
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023121502200385.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
fd5ab52da021087bc78c866c8a8649b61d3f74e2f6273e6649892290f40ee5f4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
last-modified
Fri, 15 Dec 2023 02:20:13 GMT
server
Apache
accept-ranges
bytes
content-length
217630
content-type
image/jpeg
Past_Present_Future_Bleeding__Tearing_Drifting_2.jpg
mma.prnasia.com/media2/2299944/
46 KB
46 KB
Image
General
Full URL
https://mma.prnasia.com/media2/2299944/Past_Present_Future_Bleeding__Tearing_Drifting_2.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7b58928a256bdfbdc2548ac328b873c1b760e5ca1ef4a0512cda6f618742ba6d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
cf-cache-status
HIT
age
12749
x-powered-by
ASP.NET
server-timing
intid;desc=4c08a939787aa776
content-length
46777
cf-bgj
h2pri
last-modified
Fri, 15 Dec 2023 02:04:35 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
835c5525ab9c684f-NRT
access-control-allow-headers
Content-Type
expires
Fri, 15 Dec 2023 02:04:36 GMT
2024-%E6%8E%A8%E8%96%A6%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/12/
46 KB
47 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/12/2024-%E6%8E%A8%E8%96%A6%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
46a23cd639f37b428b14b531a517e30f365b123cdcb3a41761732ac2ab36af9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
3.nrt _atomic_bur BYPASS
content-length
47280
x-nc
HIT bur 8
last-modified
Thu, 14 Dec 2023 07:35:40 GMT
server
nginx
etag
"bb996aa76103a24b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sat, 13 Dec 2025 19:35:40 GMT
1702485020-1bc27f433ebc6179b82fbe0b9a18547b-840x525.jpg
img.gbyhn.com.tw/2023/12/
87 KB
87 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2023/12/1702485020-1bc27f433ebc6179b82fbe0b9a18547b-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bd63170e4cba4a8408381a617375d2e60a2546c06adda69a9f484c73d58265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132265
alt-svc
h3=":443"; ma=86400
content-length
88849
last-modified
Wed, 13 Dec 2023 16:30:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N77SEoYy1oBR1H2%2FFFVnooxdk%2B%2BDsQsTjtnR6QWyVsXt9PC6%2BbkXSvI7FSViodG6hF8N9xLYHzaAPrYmzeUvBAhfSMI2CT777EFtxCsktjdr%2Ba1TgsNldqMHamKmnEaba7OcjAeBJ923ZR%2BjbqKV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
835c5525a8708a8c-NRT
expires
Wed, 20 Dec 2023 16:33:36 GMT
renews-title1.png
re-news.tw/images/
24 KB
24 KB
Image
General
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/
612 KB
612 KB
Image
General
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.190.31.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.31.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Fri, 15 Dec 2023 05:37:05 GMT
expires
Fri, 13 Dec 2024 14:34:34 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/
248 KB
248 KB
Image
General
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:c200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-bz6ff
date
Fri, 13 Oct 2023 11:18:20 GMT
via
1.1 google, 1.1 9801e8033d74f27768b5fc2b08beb3b4.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT57-C2
age
5422724
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gB8KrPOSNDhoZ4v9mRQDt64PVK5hSgpRR2xgAQf-rictSaK-5BRIfw==
content-length
253615
wix-tracer
2WhrxaKwv8p2lJNwgKmnBT7r70v
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/
180 KB
181 KB
Image
General
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Fri, 22 Dec 2023 05:37:05 GMT
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/ Frame 2975
20 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
990706829aa2bca47e97f5e8968b4cf8841c7c54c2ca26deb6be90dd62fc9310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nDPW/+31tCvFJ038ft3H3A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5201
reporting-endpoints
x-fb-debug
SGyv9nmKijksAFKaRzbC9Yiw5ZnAGrP/780GOi9tmDCI3IFyYbkEqTNf8N1MNIdci4UrZL37FxxL4IvLhzeMag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 22:12:56 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 2975
33 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEms5HNO4RW/YAm2lY0J/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6478
reporting-endpoints
x-fb-debug
2FKOcdFgDuplfAzBKrSPAMlkPEdd5SjrCXl6DpmH/JlmoF8nPNHoIyzH9u1yNr56lus6tEeqaFWPDLtlmhm36Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 23:18:02 GMT
XWfJpLVtDx_.css
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,ja_JP/ Frame 2975
22 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,ja_JP/XWfJpLVtDx_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad939677568b08c5be2f82a3eb6198c75a7f96b724aff7277e6fe82f110f842e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PTlueuOjto5D6V99DNODvQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5062
reporting-endpoints
x-fb-debug
U66IzYkvORuotlJi/JudsQxE9CesP3RaKOAy1WtczPl67081rJWs7MnoiX83gzy52lSx3KHq0k0CKnOP8gsYBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:39:22 GMT
LTP94XvPA2s.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 2975
354 KB
92 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8e65749a56b2ac5451d794970517649fc715938e7e65ce0d45d2380d8b53ab5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
exa45ghiiUhY/b9ztdoY1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93781
reporting-endpoints
x-fb-debug
b8ZSwzhut9rJRODjvAUGV0NHbhXNLhl62DGQBv3eBD42tsEEe222+tGjbamVhg1EDGsAsj103gOukmQVxNHuXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:29:12 GMT
ZvbJLvqRjQB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 2975
93 KB
27 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ZvbJLvqRjQB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
970bfb4004579c73787d2f2744ce0c8c66d202ffbfd553ce318f458fdcfec5c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AcoVBXNEE77A/1jMZzYlSg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27054
reporting-endpoints
x-fb-debug
7y+fWAWNDzALttLCEWHJ3t+ykHFbQBa/42rebVLCflGGaCKnPJqpZmmI5vWxvV4QEIP4sQy1hfVQZmPLFkhIhQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:38:42 GMT
ecc9spa1308.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 2975
9 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ecc9spa1308.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f276072e7a6c8d236837b6bb94ed110bb58715939479dde97a86aae4589cba78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
j3QnMGCopCPPLhIdggoTYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3153
reporting-endpoints
x-fb-debug
pWooLveasAIn76rf77WNNn1nVlpnl1F6zXfzxMXlXtDqobTtzdHHVcfvuFXRzzela+icchOWc9OrujNXW0BT9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:11:43 GMT
8bldmsbpAhD.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 2975
52 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/8bldmsbpAhD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4LY6iPvdsoz2sXdsRhqtTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16955
reporting-endpoints
x-fb-debug
LAa2r9XSJVHmcF7Is6kHx7DdAq9p28Amrqe8VFjsJY0Tx8cbRqOAqWpF/t2swH6XQaKEHFwqiiZPb81OmC2s+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 21:53:11 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2975
507 B
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:53:20 GMT
3mr-_N1X4DO.js
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/ Frame 2975
28 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/3mr-_N1X4DO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mjvZ5joGpic7fey1cr75Fw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7933
reporting-endpoints
x-fb-debug
RMhFp29+mLdtErZTVaPfXK7HCyxzOzmvYuec8+MY32QrhmD4371adVgFGPuSYWtE6FXbq4Qkk8/en0SdL9EBAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:32:00 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 2975
71 KB
20 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
phAMyoOpvbhoet00DvMWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20298
reporting-endpoints
x-fb-debug
V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:19:01 GMT
F3ylxRzKzIP.js
static.xx.fbcdn.net/rsrc.php/v3iUOk4/yq/l/ja_JP/ Frame 2975
348 KB
82 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/yq/l/ja_JP/F3ylxRzKzIP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d98213d5267f7ae207fd5d7469f0ffc82b2c1b413a0d066e1b004f200fccbab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LSGSBavt6adw/jmnJ63Qxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83411
reporting-endpoints
x-fb-debug
yNWTeHaozaQqsGG5Qn2p4uvnMuKboWW56GskQCNseEwbXzpiZ8on5ALRz1TSwNCsYcIhicVLjhJOWSVnSgAN/A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 20:51:54 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 2975
397 KB
94 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95634
reporting-endpoints
x-fb-debug
oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:24:12 GMT
J7aoe9C-4TZ.js
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 2975
41 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/J7aoe9C-4TZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2bd0ddcb6972531a5e93a4152a9903b859480510430ce5483008383d72f91ed2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AWfjhjDfJZ6OWGsvInBIpw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12469
reporting-endpoints
x-fb-debug
jOwX82JYKfJRyZ6R9fIAbwFnDiFpwxBJT/85HmkCDs1jjTDuCpD1iggJ1d2qO8KPEBosec3/4TEpj9ueOzhx8A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:14:03 GMT
Z2f98b5LabO.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 2975
208 KB
60 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/Z2f98b5LabO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
094519e9151eb01e7ce6adcb098638de24d0cf5f9182632d0f54c65a60a09e94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Y/4hCJa7rd4EIfTCw4cMWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60966
reporting-endpoints
x-fb-debug
JKRicFXUZRYyvQk9zkVm89wfuaPU7h7vm2aYIq4Nxtuw1X3rCKaE3hRnhO2Ijn6TMwFg5yXL3Bw7gKZOf03EMA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 07:50:02 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 2975
28 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
UMVcWdPvWlAWKVQrbcCoxN+kSDryNg+CAbPilhMPMb8w/8dBgo3amCwilMUy7yqpMUtxKqPsaicPCSrOvnCjDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 06:33:46 GMT
-U6CwrkFkLw.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 2975
19 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/-U6CwrkFkLw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5wlfDrXyDMlD8JmH+DbWqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6829
reporting-endpoints
x-fb-debug
EblvZk3cztYR1/3ntU3D4kgcsVWfrtACJqxKkLhDrFx3LfPf/YnW38yAXf6Ep+EJRVmV37FVpci0VoUGo92h+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:39:22 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 2975
55 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
E7HEf7GE1ouopcherERCdwAkmePXk9XADW+70gW4hvK1MnxHRafsiahYIKBQckTmsCVot1DjzSp1e5hRD+1m9A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:48:21 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=460386100.1702618625&jid=1836210199&_u=IEBAAEAAAAAAACAAI~&z=307414260
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=460386100.1702618625&jid=1836210199&_u=IEBAAEAAAAAAACAAI~&z=307414260
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 2975
16 KB
17 KB
Image
General
Full URL
https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=_hym2Po8y4sAX9fApmG&_nc_ht=scontent-itm1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfD1sD89gvQAbWEuUhetQFVka1oq3Rux0YH3SDKz7XNF9A&oe=65816E85
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f04e:f:face:b00c:0:3 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBAVr21o7FKkUNKXKsW5IOgfFeq3uckLAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2975
1 KB
1 KB
Image
General
Full URL
https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=6DQ8whkoxpEAX_RJqBo&_nc_ht=scontent-itm1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBR4WvB7Cuzdgk9EgLxLjbY8e0mTv3kI3l2yCZUfvEUiA&oe=65802E15
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f04e:f:face:b00c:0:3 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:04 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2975
573 B
714 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:04 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 21:03:22 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 2975
95 KB
22 KB
XHR
General
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19706.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010440713&__s=%3A%3Acdy5d2&__hsi=7312691308914338813&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f77af6d36a569b80c5917f91babae462d09b0c0c958a5d94c80e7f674ccc9a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
wM_GzEA5T5VW6gkF4PDHBr
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 05:37:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
3OOxhYFPIeKUcO2j6sw7l6ZGTTYQppgmFn4ipQCNykh5kykuJYaWrC0afnRGqyQ9ETKpQqjGSITG3NQKXAlG3g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 2975
955 B
856 B
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
38577598c11efc70455e3b0408f192fd4511b9c6ef6122271e3717b17c312ace
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
wM_GzEA5T5VW6gkF4PDHBr
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 05:37:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
FQx1yERSxy92O/g6cvgIyhkAuBazNET0BFCtcl0UfVXzaU+T4L16LUlg25zV8Q1gCEyP4+YAPqyGqAUKwt2csg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 2975
955 B
662 B
XHR
General
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6db7adc0a3e4b7cacff9f72a5dfa15ae3c907268cf068d49c87b159c60b2395c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
wM_GzEA5T5VW6gkF4PDHBr
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 05:37:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
dTeS6VhFt8uq0SrQ+Q92vnnySOd6GL3X9/dKMx7/1+dtWpFVfkpuy1JrmLB/Kbs2kPm7jSECvd0LwpZdveFtgg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 2975
12 KB
12 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
9K4FVCzo+HBwGo/nn3SMybjMfx6IrRqxvjei+QzmZ4nC4zuFaBocqjCD3RyBAkw11cyzeYp/iIJ8zuTN2YIBRg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Dec 2024 20:21:50 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2975
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 01 Dec 2024 17:51:04 GMT
3cJdVUPPYYa.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 2975
12 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/3cJdVUPPYYa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ca9b8154eda919124700c5a189c42215aa9be89ba443d7d2fee713ed5a99ba5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1jYr6PPRerxjrIuPgxXYYw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3454
reporting-endpoints
x-fb-debug
TdVJ+gTMcrZkxwGdyWVCLyVjPiKTTagZUAorUuzJc1z/xx3KKx/dHjvxKfKjrSAqsrNZieFCITCS3jP5Nbt9yg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 20:51:54 GMT
mRZlwFC1QDw.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 2975
339 KB
73 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/mRZlwFC1QDw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3abc2cf308effad347741a64ceb2e89090062f1a1435e68b471177f87800f7e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2k6Ks11FVMK6XbgZRYfiYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74654
reporting-endpoints
x-fb-debug
9DqRwzLbZlUxhHjzF3EHVqR6HOj0iDoYMAllSW1Ofpw2PE/QVjnWlbjhNIRRqmwQCU60nsnLlQJkalKbEJXlDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 20:22:58 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 2975
2 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
jZbnD5UT6OlBDFq1rVzl64XM0J8M5Jd+r/URSNlX8LsuWe1iL3rWwXYl7ADLhm2A3Y1usGOx9g4D9oEsIfRnAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 23:20:02 GMT
syncframe
gum.criteo.com/ Frame 4861
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:05 GMT
server
Kestrel
server-processing-duration-in-ticks
414666
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
view
securepubads.g.doubleclick.net/pcs/ Frame AABD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlgjrIOyx1j9GXVMR7jqJ_SnhCl1pR-rgg2n_ohB7pCjPoxWCx3iAa1ZBbSb6YfGYmJTQPKvuHCTWT9iR-c2qSu5sQAsJhqgk2Y6t19DTORMJHqakelU8OZb5-C-YOoIYXRs0YXQlkHH40uzzcHy2vcLGMqQOHNdBpLD65Gi3FD_sGjNOpjoKVRpNzvkgKdPNmGgdnxmGmXYvGc6Gn2SnO3yngJicvYMVToyGb6OLknOyEu6xnjXtD-5NLoJJekTav7UT_SuCeyUAl-RMZ2Kf3ubW4-IkqqgA0BV25iNsHzpk-BznBwL5NUFBBuMd162iNwPdGftA4ehoyhgWbSfPIZ1QHNihdBnRljkn69XNe8hG8gA2lBrwbhkPzRo1GQgqOMndX9A&sai=AMfl-YR8A0k0VI4_XYpfUX4BlLtgRAXP-gLv3raELDZW37UIc-RSC1fJc_1F1hpt58Z31fMTJLoh91C-mvHSSaQLkw74tzwt8Ben4MdR2b0n6V4oZdXHoxLlU4Sh6uGHkNO0gkLu-1CjM3Nd9lwwuLhNfQY&sig=Cg0ArKJSzOdDIpAHCN5WEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 05:37:05 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame AABD
535 B
898 B
Script
General
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-86.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 04:28:17 GMT
via
1.1 fe3f6acea2258e1e1f2aed009a7bb06a.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P2
age
5706529
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
4FLwsDGXjDBjNI1yIdgRJlsSg7H2A3ctO5zfR8p8PiFKnFE1QNg-fQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AABD
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 05:37:05 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2975
213 B
353 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
PaQaxrrG/SwH/VCxoBLUJjuZVRObYZsc6u8gggjVxB+aLLJmRUd1odY1Hhf/Ee68u+Hm63Q7+IpSs0RaVwM7Eg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Tue, 03 Dec 2024 18:38:39 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702618624612&gcd=11l1l1l1l1&dma=0&cid=460386100.1702618625&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702618624&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=4&tfd=892
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame E804
484 B
724 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
948278f82eee06e6ab556c8f12fa917611a7c1b34383ab8311007849c4ab8965

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
307
content-type
text/html
date
Fri, 15 Dec 2023 05:37:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
www.facebook.com/login/ Frame 2975
0
0

7942.js
go.trvdp.com/init/
6 KB
6 KB
Script
General
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-12.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 16:21:32 GMT
via
1.1 b3db53b8c0d360b6f708a44987d1b5ea.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
19919734
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
nuY5v4pD-7G74MkfNjUWgapb4uYFHKrMsECBCB2m1YGQzdNKyGiJrQ==
p.php
stg.truvidplayer.com/
3 KB
2 KB
XHR
General
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=9804.426396472709&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-129.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
41b08e5fc1ec4c39221b1565d47711bab2f86150867c623d7fcc5164e5f1d5c2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
via
1.1 d0f0387f17e342499361c2e2e88948b2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
l3K32rTIr3iAY9cU2SgVKwZngmgCM2nN6aySnliFFnP6rEWPVGtdhQ==
sd
us-u.openx.net/w/1.0/ Frame E804
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=08956d7e-87b3-4f97-9b4a-769ca3ad51ed&ttd_puid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0&gdpr_consent=
43 B
314 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=08956d7e-87b3-4f97-9b4a-769ca3ad51ed&ttd_puid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=08956d7e-87b3-4f97-9b4a-769ca3ad51ed&ttd_puid=374ab549-2a0c-7d95-e8f5-a5e57f12a2ab&gdpr=0&gdpr_consent=
date
Fri, 15 Dec 2023 05:37:05 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame E804
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXvmAcCo8XwAAAJP.5EAAAAA
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXvmAcCo8XwAAAJP.5EAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 15 Dec 2023 05:37:05 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.171","key":"ZXvmAcCo8XwAAAJP.5EAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40141"}
X-SO-Key
ZXvmAcCo8XwAAAJP.5EAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40141
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXvmAcCo8XwAAAJP.5EAAAAA
Cache-Control
private
X-SO-HostName
a-ad40141.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-IP
31.204.145.171
sd
jp-u.openx.net/w/1.0/ Frame E804
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATy5_3YpjwFeks8AED1M4hbVHM8AAAGMa_p1Jg
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATy5_3YpjwFeks8AED1M4hbVHM8AAAGMa_p1Jg
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 01907e84d575a837511558aff20d73f2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATy5_3YpjwFeks8AED1M4hbVHM8AAAGMa_p1Jg
cache-control
no-cache
content-length
0
x-amz-cf-id
6S0X3XabIVZ99qP3pSd_3ur_MQk2hv7Wm0HApeVqqCfc-2QhGmLb4Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame E804
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWIyNTY2ODMtZTM3Yi0yMzMxLWZkMTUtZmY1Y2I1ZjA2Y2Ni
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwGHKVUj6yAvk6Vu3V_vog&google_cver=1
43 B
97 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwGHKVUj6yAvk6Vu3V_vog&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwGHKVUj6yAvk6Vu3V_vog&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2EC1
6 KB
3 KB
Document
General
Full URL
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:04 GMT
expires
Sat, 14 Dec 2024 05:37:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59D1
6 KB
3 KB
Document
General
Full URL
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:04 GMT
expires
Sat, 14 Dec 2024 05:37:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/login/ Frame 2975
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Dec 2023 05:37:05 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Mtq/Ycbc9AB2dpIrSrIbKnhfpf0745lrplkRyX01rTBxw7hRUJfQLzlGjdFvmMZqkWHWE1oWazbFdJPrdvRsFw==
x-frame-options
DENY
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame A59D
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 20:40:31 GMT
age
550594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 20:40:31 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A59D
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 14 Dec 2023 15:49:45 GMT
age
49640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Dec 2024 15:49:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A59D
95 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 19:42:59 GMT
age
208446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 19:42:59 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A59D
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 20:42:23 GMT
age
464082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Dec 2024 20:42:23 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A59D
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 14 Dec 2023 15:53:22 GMT
age
49423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 13 Dec 2024 15:53:22 GMT
truncated
/ Frame A59D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e235a512fecfaf2fff7c4eea48734fb1ce79c2a636ae0b1b0cb0d3eee0cb9d1e

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 62E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcyn5jk58sJr9feymJlmal14dTTtkL7BZsP5JCRw_YZTBdrHil9ekSltoFnOhhCaQmhLP-_h4vsTSj-IEW0gEbXH0S9AOUAXOs5HpO2nju_js94RIdDe4yqfcg29ApaIUPJU1V4esU3YxZYlOHvu9Pot5LXiVt9d2jL9NW3gpE95JZ0wcF0n6SvTO0qgOPWAtM65fd5JGJNqdL8h8DIRaGB6YOKk-QNgTh-vqp4-y1tPlmyaYJhNypyMGG_HnwY4DRnQRpt_Qhj7BhsFgQRjCgmLbwiS3ihbVcxV0IWvl0mI3RyVdTcF3NRpsrMiQ0HgAEm0FI9nXfcAD66wk8v6GPSIWxUoLlzctyTVCiLObVslwNGEH6GO_D6tx1FFsF79A20vM0z8hen4M&sai=AMfl-YSaUmkBoO0GKl5p_w_B_8T_KaJFzV3C9LzRaQY2RKi8dNqE66TeGbeYWn85mgSWltzncFVDzv-qaAesHOE9Rbk3kU9U4T7DxN4BrEZhQfFefdRVWcfYovFKJrYkZvpOVN5uwT5y6v9HoWq2sq_TwxSG&sig=Cg0ArKJSzMIAuNYOYP99EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 62E5
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Fri, 15 Dec 2023 05:37:05 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
3OMN1Wnx5HtXAHc663VxhlNXhbJan7Ol_b12koRC2GeQ1WRv8BmE9w==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 62E5
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 05:37:05 GMT
12411325004320340915
tpc.googlesyndication.com/simgad/ Frame A59D
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12411325004320340915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkMcpoSZYJERZJaDCpFdJ5nFzVLMQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331188fea1e94973bfa93294e0b753b0844232fdade9f93d85611dd1b19cf12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:35 GMT
x-content-type-options
nosniff
age
280110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13199
x-xss-protection
0
last-modified
Tue, 06 Jun 2017 08:58:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:48:35 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A59D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:37:46 GMT
x-content-type-options
nosniff
server
cafe
age
57559
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 15 Dec 2023 13:37:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A59D
344 B
474 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
35648
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 19:42:57 GMT
css
fonts.googleapis.com/ Frame 2EC1
962 B
879 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%8C%BA%E5%A4%A7%E3%80%900%E3%83%AB%E3%82%8A%EF%BC%91T%E3%83%83%E5%93%81%E3%83%A7%E3%80%91%E7%94%BA%E3%83%93%E3%81%B9%E5%8F%97%EF%BD%9E%E5%85%AC%E3%83%B3%EF%BC%AB%E3%81%91%E3%83%94%E3%81%8F%E6%99%829%E3%82%B0%E5%BA%97%E3%83%89%E3%82%B7%E7%9B%AE%E3%83%A2%E9%96%8B%E3%81%8B%E3%82%93%E9%9A%8E%E8%88%97%E5%86%85%E5%8F%96%E3%83%97%E5%88%86%E4%BA%95%E5%8F%AF%E9%85%8D%E3%82%B3%EF%BC%93%20%E5%9C%9F%EF%BC%8D%E4%B8%81%EF%BC%94N%E5%B7%9D%E5%AE%85%E5%BC%8F1%E2%88%92%E5%9C%B0
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63d5839339ba5bae9d1058ea6cf1639f8050a6e2548f76c44f13a49666e6a9d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 05:37:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 05:37:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2EC1
2 KB
875 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
86152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:41:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2EC1
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
86152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:41:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2EC1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
86152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:41:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2EC1
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
86152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:41:13 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 2EC1
225 B
330 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 15:43:33 GMT
x-content-type-options
nosniff
server
cafe
age
50012
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 15 Dec 2023 15:43:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2EC1
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 05:37:05 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 2EC1
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 05:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 05:41:13 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE74
448 B
549 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMO9FRDwqeLgBRjru4OBAjAB&v=APEucNWH7EFFf2CmySKfygGBk1cj-h8CiLGpbhQxcPEF0jSsf7o_AKvpsa8OuIrgSxdHizkoeDTAi1kEMXFTmkF6eQD6u9zi0A
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 59D1
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 05:37:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D1
42 B
401 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cx26DkR3wsG1K16KNgoekhqe2UzY7LlUyln_2_mFhG2693FNWNtRFCjnj1p3-7OP7tS8LB9tlb_XVrCao8V5CLDF52WQWH9j5OqD7B0L-DpUcZ9tw
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 59D1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
86152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:41:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 59D1
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 05:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
86152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:41:13 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 59D1
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 05:37:05 GMT
803190109232786791
tpc.googlesyndication.com/simgad/ Frame 2EC1
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/803190109232786791?w=100&h=100&tw=1&q=75
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe5aec7794493f6a6be25e6641722624d2211a009c3e6c2c81cd3808d20e9de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 02:11:36 GMT
x-content-type-options
nosniff
age
357929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2026
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 01:44:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 02:11:36 GMT
truncated
/ Frame 2EC1
195 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2EC1
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2EC1
336 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AABD
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d5d6f95ace2ff593b15d49d3260bfcf34bb73f17b62e4a0660743359908a365

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AABD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscrD30L3cm8iL0HErBJ3ivZqPxeCxoojTvfP0wx3BoS_puc_r2uEXdkgxoRobSXJTzRU76FNOsWCwzg4J3Nk_N_X8XF3Z5Vz0o5CcyeVzF0JSUGvbrUEIYrukjBAndYI8F0XGuKa5nH_lRcMyowHxE6eM1P3U0752i1TD4-qUC9EWfYV3xIw-3GTxUijcZ3tbtLMwmsiXE9biZZFfM5A0nCY2Un70_4kk8YeTdfJU535rcAaHqnulgaDH5D9cGL-g2MJW_VCBrYz1I7pk9oHunZYRSOgjuCVhv7JdO6CmHOR4s4wFyPLRPaChnaTX0N1WE1jfkUsmAhX1eDo5kWSr58Wg0lVfkTKsSaxLmGMGxcLHORDchFv6GhtVEPTbCn9HLrLffr253&sai=AMfl-YSrVvYtAmXAXm28-n0-fZCSfHsY6O6bQPviFP9pwzfs_HE_VZCU89tB1q9B8cnCZ7PU3DMHR4LLXm01pD6ss6NivjQVanSzYW1Q24dRSo2c93nk074d12g-LKUvXCKkXCVEWW-0A2hXO2kwThGPHXg&sig=Cg0ArKJSzBWK3UEfirKWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 05:37:05 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame DE60
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
58
content-length
9921
content-type
text/html
date
Fri, 15 Dec 2023 05:36:08 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
x-amz-cf-id
wv0TmQDBgXcJvW6y3y7xJc6YcjHVqUfF6I1NHeK2ohXPfDFdq0RGXA==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 12AA
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Fri, 15 Dec 2023 05:36:48 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
tuQTKWN14BLPh5U7CXspPEwBUjW0AGY0hCf82b3PWky53nCvhrUXNg==
truncated
/ Frame 2EC1
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77eb7312e6dc1e090e7c68fc8e2d109272834b3f292006a5c6ae29c1cb5305c2

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 62E5
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dda6442ecddc4228446095b161faa7883ecc260ddd59a6764e8ba3295218b95d

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
1NMA3KFv_pn.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,ja_JP/ Frame 2975
28 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,ja_JP/1NMA3KFv_pn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6604d53f95876c8b7cabb0609501f5b453662e925a10a2e8002ecf3df5858439
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ezGDj5kiP5CE9Y1p9bUbww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6352
reporting-endpoints
x-fb-debug
fqqA+KyUjztpf9yLiGyq5gSGUQ6M2Gj6PN+tRP/VsMQxz0guTRLWAU29W+4fsdCOyBX3MEGRgB1PgcJtJbDr8w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Tue, 03 Dec 2024 00:42:15 GMT
truncated
/ Frame 2975
2 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
a9YrLvzZUvA.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 2975
61 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/a9YrLvzZUvA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
52bESNm8GjIzxmwdT9e6pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15973
reporting-endpoints
x-fb-debug
2Azj2mQhZ2eqLXr/XDYDHGapVkprWOvEz8qDJsZmQ93kk6NObHcMDUrui4B648Vy10zorVbCSBc6q6Lk5gpa7Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Wed, 11 Dec 2024 16:39:22 GMT
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 2975
0
0

ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 2975
0
0

pixel
cm.g.doubleclick.net/ Frame CE74
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMO9FRDwqeLgBRjru4OBAjAB&v=APEucNWH7EFFf2CmySKfygGBk1cj-h8CiLGpbhQxcPEF0jSsf7o_AKvpsa8OuIrgSxdHizkoeDTAi1kEMXFTmkF6eQD6u9zi0A
Protocol
H2
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame CE74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1&C=1
43 B
336 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMO9FRDwqeLgBRjru4OBAjAB&v=APEucNWH7EFFf2CmySKfygGBk1cj-h8CiLGpbhQxcPEF0jSsf7o_AKvpsa8OuIrgSxdHizkoeDTAi1kEMXFTmkF6eQD6u9zi0A
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2fJa462D0u4afSmV0%2Fa5sjegpTC1UUOmSwzKqyIIYLab5E2mueMNAh4ah4T5CmkqAx7g0eGLS4TtcLmeYwKRp5aaXCJWZ9IZyhigyHA%2FHRA%2BvYwRxoxUosOIwC8otGcRrn6L%2BeCiPiwaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
835c5529eafeaf9f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7KJt%2Fbtqm9Zoe5w7f1RgDqlp3Awjg36yS3oa27aCQD5UYxNAt9HYMrEUtCHLvytFgj6sV%2BJgbGycRzIId5b2RETUWjU7%2FlF%2B3n%2B6%2B8FJVvwC%2FijGIQfV56mugn5RMrhJ5ii1qXx36J38g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1&C=1
cache-control
no-cache
cf-ray
835c5529aac2af9f-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame CE74
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXvmAcrJFugJqOmp6FvjNAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1
43 B
772 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMO9FRDwqeLgBRjru4OBAjAB&v=APEucNWH7EFFf2CmySKfygGBk1cj-h8CiLGpbhQxcPEF0jSsf7o_AKvpsa8OuIrgSxdHizkoeDTAi1kEMXFTmkF6eQD6u9zi0A
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBxCEoyPcNVHrFgpmfJUFe0qImmMkd9x9h5kSXnyQrDZ1%2Bcz7LxlDkC2kg%2FX4XebZv70cWTJgGrNwfxL7U9%2BJkTMVd9dJydz6CXM0XwSHouxcxMHyDyUPLE4ogVyi4Fa60DV7SwZVZsjTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
835c552a5b8eaf8b-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9FVT9yyTRs1JzOGetT1Es&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A59D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
cm.lndata.com/ Frame DE60
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 15 Dec 2023 05:37:05 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 0355
0
218 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.11.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-11-114.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 05:37:05 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame D3E3
39 B
182 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 05:37:05 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame DE60
409 B
632 B
Script
General
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.179.228.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-228-20.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Dec 2023 05:37:05 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame DE60
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 15 Dec 2023 05:47:05 GMT
fp
cm-dev-poc.holmesmind.com/ Frame DE60
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.11.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-11-114.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame DE60
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
496 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Fri, 15 Dec 2023 05:37:06 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame DE60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDuGvXuJPM7HUmfOWHyxP6I&google_cver=1
0
466 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDuGvXuJPM7HUmfOWHyxP6I&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-guploader-uploadid
ABPtcPqYocWCSuIAcWf41sMfueDTZ1ZOKG18S0mJAVBSkR_bucn3UkxeV7qzmC8iciMPzS4dXwHaVxybNzxXhjW-FE9daw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 15 Dec 2023 06:37:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDuGvXuJPM7HUmfOWHyxP6I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12411325004320340915
tpc.googlesyndication.com/simgad/ Frame A59D
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12411325004320340915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkMcpoSZYJERZJaDCpFdJ5nFzVLMQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331188fea1e94973bfa93294e0b753b0844232fdade9f93d85611dd1b19cf12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:35 GMT
x-content-type-options
nosniff
age
280110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13199
x-xss-protection
0
last-modified
Tue, 06 Jun 2017 08:58:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:48:35 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A59D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 13:37:46 GMT
x-content-type-options
nosniff
server
cafe
age
57559
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 15 Dec 2023 13:37:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A59D
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
35648
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 19:42:57 GMT
bz
www.facebook.com/ajax/ Frame 2975
0
0

Preset.js
ad.holmesmind.com/adserver/ Frame 12AA
1 KB
673 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 12AA
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Fri, 15 Dec 2023 05:36:48 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
58
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
v2JqtpvsjjbRiArXx3GUaEOJgXZwbV_eC1QFkYf7sljjt79hCpWQQw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D1
0
58 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6407657292922&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D1
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6407657292922&version=m202309260101&ct=76&x=1&cor=15540253701279805000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 59D1
79 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6cmZRylRvg4Zf-1X24OLmuhuaG-MrmXv81WY-z6Lv8NApPhLQwxeO9lUQmQCeRRrg6h4pMyk1CCOvPeCKvFTaicD0hh5Nv3MfDIX5jZpEGKuPOvicekcowcUq3VpMiQ8GwpwwhkuBb4nFz5RkwpIXmLrYhBiY0f5dB9AMMvBRpMZpxK0&dbm_d=AKAmf-DblKHBwWqon1VW-rXFAOEYK56Ml7XBLIvkcYDcqLLwZYyPrnOywqGW1bJxILLj7y3Sg-ghUEBrBwCDoBC1WWfNnXkT0euOlR3X6DEWS7r0z0gP8tdTMTOWV1D7gwKL41i8y4Rh-ILRX0WUA82daogqRn8NjTZaG5JzVZXdQgT2Vgkj7r109OOJ5Nx3yYvmG6Px1CckbBSB65GmdI-Cy0CQVhY9wgh-IzHfzhJbWR89wD-Qr11yX9W0DEEDGYs2x07GQuWfg85FqH2Dc4adhcVKUQ6eEVOeRdGLDC62RTaG2ipMQh-wG9jti68dP8uLDG3FrMOquQEJGZeFudxoXkhXMnUEdv-UhW4M-w2pjyqZu4aeWUrzJakxLUUDKg1zXU-Bum8HA8zOgKqLd3l03ZerCdooPOCygnzdF5P-Mkh8RZzJPdQ7japXawt6RsrqdEiPYMMDGJ1G9ufQZIz0oN0v1ygAPgJfHhsUw51QlQY-tT4HV8CjlpT0l3wLEvZfjnw5goyKBxqMuPd-yp1KWdPKw7y0n963uB3tIhrttmgdoy01UODYvyziLkvYfpLtlY-jGIoU5p4IXm7b9nCve66Txhakp5kCjxVPkU2zfsxeMXTo1wxNDRLCvHbOXohI0ISqqTQgICEAkEfY4cBhnBPlUyl-QogOs7yMKo56ZExfo6nZwWRTjYPf_851x2uf6S1EurxE86q5DdTcISjn2njcA1Wel4y2SGBXlSgEEKPP3kEPkIgIYiu6p2T6Bu8gSpBX1VTuYX-plRYSniHObtA4CGE24OhBHi7HtwLVsPmC_NjJSEu5AiCOlkm4CB5WXBIO4R0OG4f_h1T7LAtF5e0cPJO8ILxvh5ILM0hlNkvO5O6pJx01DRLfgyfEKnDtiSMT8csqQeuPvA2kf6PL4KU7n-wd-8CdPepAJIb6G5nX0sGUdy4s7EDDNCSvkeXj7Wh_uOQPBTUe2uwNhsh0_2OuLMcaNd4x2vbxGbDsd7Lx-7S6w_EDdJzX6fXHQlKvaV1KWypj3lXuBlfPj9cGDXp6NkBcthZVb4n2rkQZR4VAEE-QtG4tafchuJU31hbVceuD1JmMXx15EZqh7OnCGekXn3cGG06LA9_UaObpz20rDOEEFvuUMiPK6aVBQ93cwwU7uQcLHeMkMeHeaWt2jdH-tHp22Rm_7gSyV4bVqLl4bTcciUUm3nA7uiKmOVPHT1RsE4jCj4WmN5Y9SiIN6dlWrJ-U4psfUsqGDhmN2BVXOEFaZ6H1ZAr8DJx4cfKTNokIS5zELy0AdMVenCQPM3NdPznu3UxVHlJWBWBcgOIoIa7fr0QZfQ_Cl83OhWmX3Gd5wLAnbvlLQvQbMIsRn2YcAbcaJ1o3iBYFWSlMLp3vk7uJhTQrwJgecSd2SICGfdlOxqOlUOiEuR4xvFMe1DTwFPd4x6V0ysja4pBk0F3nd2PhZDsN4I2mgRDUeU-kNELZe44SnH7cvvZrYxkxWAYrfwAPHRz__S2NIDDVdf3SSpER4ap8t6F-_SlvCXV0dCKq7acwtSHVoiHXs8ONqUON-H8TE6wQhT3jsIkG4ia73BwziqH9A3aXZ4lsUptsKwuLEyJ2oZsbQfvkUhsjuXNk0I9UUHRP8ntyV_zVRtckCAcBDxpin6PfDDSLW-j97TOma8FhXxb1ux4FjBlhOZOm40tt7osmEqZEFSZREGGWmzZWRD7U0zIMBH7sFE9z0E7rRUJES-2GI1Se80YbljTdbF8pSvgDrD-l4QXwEQoGFEyDf4nhRT3hGCRKjc6PQhgi_hz_U157Uqp3vSKh9ouBMj28vDpCyKzLEyNeeM4lYDdSw2W5-NKFAHjedfnJFG0lAXBrVtaAsu1CMaHzKmxHA9tRwprFVllCkAupOxblMsMJ0JcQbiCYqQ0ChLjzn7rKYfxgh48k_ynKuT-4I0HdgW2IKlhQmxEPwem310Zt5xZfFu4b31E7YFdZBanX8FGdQrg8hvMOfJJWjZ78WaP8eiUfAedVZnYJL6LsuFvE2W-pBZ5Q7SvnNiI0iLT1hAlKE4R09_fcKtwZ5CynJiRT8yuBhtscshTwKze-_H56tmtZPiqC-koOMH2kNnopoixK_2x0jt7GZpB32Rok4gUAI0AyDCDDIXUZS3hENRrX9SYjo3iizbpmLmeilzD3HmDvJJFA7UCqDxHzWQPd8fGOZL2b9qB3Em5Jz5lpoZ_bGFhdB1F1dSh1z_Jh1TSLtv9JOB8URo5uoInge-0t9llSP4_3xyibDc89AZrp7BkQFaqG1ZuBpQdwFnMxGRQbiJAJP1ITboRM06GwgL7I1H_4-_AzgDz2QtIEsWvYwFflkPNSJOLhP21dHeCMV2UeOHgR7z9OHwehF81dbGc-jGzKpAdPaJMK1s3FRGkCJ7fL6Q0TJlwXnSYNRmvFpf0pc8w-8amnBftUKBBRd_sM9VG69w3-u6jk0zf58TQUakdgXL5XjA5U8zcF1SQC8O3eScWIsyQEqbmhbgQQPfl17wzeo2qun2oUl1OF_wIdsoivSl3AYYOjrNVTcb-nKprsL3IaW2h1d2SjttFCSGBNYgn1apLz-EIN54IRHivpuYf-HXCJzllD2WO8BMOJiO4BWk1LelqVT1U3U3PZ4cqUvA7j-jGGPkF6nMGmXLI-EVAbm8q-LxSVLKiB29MB_9NteHoBq_aC5-wCz_DsZSrXcrgxBo3-_KYVZopdY68V6y80r_rXUXfn2CzDYsAuzepBTQhEcGuhf-jqtkJt2HdXh-cT4kqCE3CYFY9zPiLlgcXHrwgFDj7VmJ4qNzaVJd0Knl_9uI9Qd2cI7pwMdWRh9obvURDiMyrzU6F2_TCdozvzc4h_ZScgr9a9rEKwX-2tph5lyF7vacrDWp-GCNdfdrAX5Jy8cHWr_FDXM2WA97_D_fGr4CRz5KWtTYfgxdE3N7EbLd9ZhJbR0eZJad-wYZi7G5SjNOXwuXC07hanw0xt-5aOYS2jPYmKaxd9bFyQu4rMov1DD8ckwDYk3eCNS235lN32pHQKpNnqhYyq_MJgdxFVtXT_KOz7ghMczqnF3of0TeKMaUiFtllNTYwLTDqSzzc7e9-URza6PHF1gLhykWrDSvhLxp6sjuiEg0Gkn3f9TY3DWaY593J4FaMptBQ39XGNLNVWnysrrHt_fIr0KKtnZTZM9No-Q_CAH5OR_uA8_aWwcgdSXAm7yUm0wOvVTmnsch-WSg_tvvMVumoiHGZwrVv268ZWr5D975UW0axC7jb67z0GIpk614dwD6YNLCJJnNbxLoyGDTurK-UyK8OH8lkeAIHRJudApxdkrBIwczmoWpgGsFdjfOOstRFz2U3kNJthqh5RJpxaDTsuYlSrvH-mrG1ff1YB_iCq2OyTzWUcW1c3Oxu4aq_FNLTZFUBFoCXn2Paj5Qu1a4qHVSpT0vXS_Z1FQxYrliTw7z2NJ5nPX6buwEAIAcjypNdz-esvU835aheGGWlQNyS--p3loRQxTRPB-DyACPh86fuDAon8t-6OVtFWrAKbs9bmpYRumiImbKg4ahGsd-GvpNac1TxS-AK3_XAnUuF2FkkpwYsAswvCMydFVZB9WMlJL0jiJOpJuRTsrAGs21SRaxS9atxHO9d1dAaUCy-cXEOHTVRhLe_Cox8xFjDLINPUjhsNS180Xk-a2EhYMDkl7t3_XQ5N5gBanbmnh1fOFqrfaY1jbPsLr2kUgubXTHtl9TeSENVPSEA3bul0g7MfSDU5qvQ&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=15540253701279805000&adk=3047537734&idt=120&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8500e346edfa5c3fff4163ea12186eeeb100f82a55f59e317ab99176d504937c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35438
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 4861
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=FO0THHw1MEV2cFdSUDJnWE9ZNEYwQVczUDBTSkpwT2VIRXpoT3ZoYXVqaHJNS2tVK3RUNzZpQmcxWldxTW9BVFMrWWdkRFA4UTlIZWV2U1hOWnhIVktFSHpzb05UM3F4T0grUTVCZytKWS8ySldQNkwrYnAyVDFNdWpDRG...
430 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=FO0THHw1MEV2cFdSUDJnWE9ZNEYwQVczUDBTSkpwT2VIRXpoT3ZoYXVqaHJNS2tVK3RUNzZpQmcxWldxTW9BVFMrWWdkRFA4UTlIZWV2U1hOWnhIVktFSHpzb05UM3F4T0grUTVCZytKWS8ySldQNkwrYnAyVDFNdWpDRGo5MkFmMUdFNWNQOEhxNFlqbER6ek9Gd0RlUTNyM1hHc2ZtbWFoQzExYmJicy9UZkczMEgyU0xCSGFuNFBiS2xTcEtLOFpiaXk4d1NDdXVoUlBSMGdBaTFtcjk2TUhZSFBkVE5obEdKK2N3NWQ1TEJvSHNEbEJqVkh4cW5VSDJ3bXd4VmI5RjEyblNQaXIrWDBYV3B2cUY4amRFeWpCZz09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
175bf735a54eae5bed75416bd50d02e564eb89da5e1e1d71efd733eb484d8e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1047186
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=FO0THHw1MEV2cFdSUDJnWE9ZNEYwQVczUDBTSkpwT2VIRXpoT3ZoYXVqaHJNS2tVK3RUNzZpQmcxWldxTW9BVFMrWWdkRFA4UTlIZWV2U1hOWnhIVktFSHpzb05UM3F4T0grUTVCZytKWS8ySldQNkwrYnAyVDFNdWpDRGo5MkFmMUdFNWNQOEhxNFlqbER6ek9Gd0RlUTNyM1hHc2ZtbWFoQzExYmJicy9UZkczMEgyU0xCSGFuNFBiS2xTcEtLOFpiaXk4d1NDdXVoUlBSMGdBaTFtcjk2TUhZSFBkVE5obEdKK2N3NWQ1TEJvSHNEbEJqVkh4cW5VSDJ3bXd4VmI5RjEyblNQaXIrWDBYV3B2cUY4amRFeWpCZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268965
content-length
0
expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CosgIAOZ7ZcyDNaXN29gP5YCGiA2g5rzPdL3-1sqAEmQQASDSzIEaYInzxYT0E6AB6OzP-ynIAQmpAtE7jPTERD4-4AIAqAMByAPLBKoErwJP0FruZSjjRAZ9RlAsVvi-axelojJi8as26v5ksbjVK139srwn8SlSRogKJw_t6aKAxwGbB-_HZrTdKfPkoaLD8boGdAF8eP4seIpDJ4oBqelFqHZ7muSvqIaI_qWL2oDPrZm8f8H9OCx5NXcV5IYxvgtyKmcc6WrH--FDuxNe5vN6ShOo0Yrjt2CZ0Bln696RtGK1sujca_FoY5TXYOyvd0cgAn15qlhPYQsfgyEN1al6i0KMwB_fED5WLs1gL_c4RgZN9tY-6wcSon4n-CZXWlMc-O_ocKv5o0-s4xrQDtbZ_4qU6J7hjxSSBHeWAJWODr6FwCerb92yivEHJ4T2dCspHBuRkwUgFYLdPA1eLTnIv5PbBaHE5hLhdS1iFeX_q2c07YQ82QbsSvHPf13ABO3Nx7HFBOAEAYgFoZHiiUySBQQIBBgBkgUECAUYBKAGLoAH6KSg2wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCw_wTSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WPWQydLckIMDmglxaHR0cHM6Ly9zc3cud2ViLmRvY29tby5uZS5qcC9rYXpva3VjcC9pbmRleC5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y29udGVudCZ1dG1fY2FtcGFpZ249Y3AyMDIzMTFrYXpva3WACgPICwGYDNu5usHEBKIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBEKCxCgoPPG2cWul6oBEgIBA-INEwid08nS3JCDAxWl5hYFHWWAAdG4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=tWm9i5Hxrxw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 05:37:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 2EC1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CosgIAOZ7ZcyDNaXN29gP5YCGiA2g5rzPdL3-1sqAEmQQASDSzIEaYInzxYT0E6AB6OzP-ynIAQmpAtE7jPTERD4-4AIAqAMByAPLBKoErwJP0FruZSjjRAZ9RlAsVvi-axelojJi8as2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9db577a9860a1cd40000000000000000%22,%222%22:%220x563bcb368ab943c50000000000000000%22,%223%22:%220x8007d5...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9db577a9860a1cd40000000000000000%22,%222%22:%220x563bcb368ab943c50000000000000000%22,%223%22:%220x8007d56ae9a765e30000000000000000%22,%224%22:%220x9a925f65a7096f150000000000000000%22,%225%22:%220x7383aa0e08442df00000000000000000%22},%22debug_key%22:%229421317298271742194%22,%22debug_reporting%22:true,%22destination%22:%22https://docomo.ne.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211265111656%22],%2222%22:[%22true%22],%224%22:[%2212-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222444909887225167905%22}&andc=true
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x9db577a9860a1cd40000000000000000","2":"0x563bcb368ab943c50000000000000000","3":"0x8007d56ae9a765e30000000000000000","4":"0x9a925f65a7096f150000000000000000","5":"0x7383aa0e08442df00000000000000000"},"debug_key":"9421317298271742194","debug_reporting":true,"destination":"https://docomo.ne.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11265111656"],"22":["true"],"4":["12-15"],"6":["true"]},"priority":"500","source_event_id":"2444909887225167905"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 05:37:05 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9db577a9860a1cd40000000000000000","2":"0x563bcb368ab943c50000000000000000","3":"0x8007d56ae9a765e30000000000000000","4":"0x9a925f65a7096f150000000000000000","5":"0x7383aa0e08442df00000000000000000"},"debug_key":"9421317298271742194","debug_reporting":true,"destination":"https://docomo.ne.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11265111656"],"22":["true"],"4":["12-15"],"6":["true"]},"priority":"500","source_event_id":"2444909887225167905"}&andc=true
access-control-allow-origin
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ Frame DE60
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 05:37:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
uLUdIVLQHYdfNEBk2ClFR+yJmiK4XIzoiMeKjBdDNfW69xyxt0kRfgKtzml87hAxlwjHptPLQzsLT8R7RIpk6Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
font
fonts.gstatic.com/l/ Frame 2EC1
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrD03dVttNbQDvoXXhyRle_KSMW6l3nyUTMr7-RzI_PbJihVSLtt1znB77qsDrq33BB3agqNx4wIVJFtcMQzKahXJAhibh59jrN6XlkwfR-zQ7NiP4Jjo8E655pdSZTJ8F_sNpO877xH30guWlARzdnstQ5n6xyJdPMj9NofrqTX90fq5Vjo3VlDEUqCDyPq2pfg9FfvIjO02Wq4YrdEkXmFkpyWUCH6SU6VsmRM1y2RojnDmSo8ErToJo2vFAECHEXqWGrYLU8yiIVMg&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%8C%BA%E5%A4%A7%E3%80%900%E3%83%AB%E3%82%8A%EF%BC%91T%E3%83%83%E5%93%81%E3%83%A7%E3%80%91%E7%94%BA%E3%83%93%E3%81%B9%E5%8F%97%EF%BD%9E%E5%85%AC%E3%83%B3%EF%BC%AB%E3%81%91%E3%83%94%E3%81%8F%E6%99%829%E3%82%B0%E5%BA%97%E3%83%89%E3%82%B7%E7%9B%AE%E3%83%A2%E9%96%8B%E3%81%8B%E3%82%93%E9%9A%8E%E8%88%97%E5%86%85%E5%8F%96%E3%83%97%E5%88%86%E4%BA%95%E5%8F%AF%E9%85%8D%E3%82%B3%EF%BC%93%20%E5%9C%9F%EF%BC%8D%E4%B8%81%EF%BC%94N%E5%B7%9D%E5%AE%85%E5%BC%8F1%E2%88%92%E5%9C%B0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83704ea221d768433c683c3603f96b776147f5e5ee6cc9225efabb73d488efb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 01:54:46 GMT
x-content-type-options
nosniff
age
13339
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26204
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Fri, 15 Dec 2023 01:54:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A59D
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKR2sAOZ7Zc6DNaXN29gP5YCGiA2h2PXGad6A_pnGB6fF1YPHFRABINLMgRpgifPFhPQToAHN_pnsA8gBAqkC0TuM9MREPj7gAgCoAwHIAwiqBLQCT9CE12mwXWBnrsDczhK9sKEmmAVPAR7X_p0aY0bwm7_JQILupA9pYHzS9e0tV5XoWNZ5-d1Xv75BgvQNsyM14uJwuNxYXZLvZkaEQvWgroziTxmDbkxOyL1mUPqy_NDcQkOnYd7mfXkOrvPJdNMGB850jsdE3G5lfnsYUq3G0nzkn7RIF75gB5bQcFT9N8cq39SXvJa5kGzUP5UxT7EN3dWR2SDwV0XVdf1tw4DztU5x7rE8_f8kZO-MqHFrimNs1-Y0z5hgZYg3nHyGeFFbRGEMFC8qA3cTEN0Yphaiorj1B95cvIViGTHHTpETtCbD1wb9rQV0Et1U4TmiKU02fYCH8IpUFQkwvAqaVyC_bIbmKC-zQgggytjTOckiM9jzE1YM8tjJTlKS9XGMDKM2-PFrwM_ABOf6k5NT4AQBiAWP48OZAZIFBAgEGAGSBQQIBRgEoAYCgAebgeYTqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrZoE0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlj1kMnS3JCDA5oJQmh0dHBzOi8vd3d3LmthYnVub2dha2tvdS5jb20vbGQvYWN0dWFsbHkvYzAzYS5waHA_Y29kZT10MDAxczJpY2hkY4AKA8gLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChCQ-fz59tG_0jASAgED4g0TCJ_TydLckIMDFaXmFgUdZYAB0dgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=ayuUofx2OVc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 93B8
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
464082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 20:42:23 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9db577a9860a1cd40000000000000000%22,%222%22:%220x563bcb368ab943c50000000000000000%22,%223%22:%220x8007d56ae9a765e30000000000000000%22,%224%22:%220x9a925f65a7096f150000000000000000%22,%225%22:%220x7383aa0e08442df00000000000000000%22},%22debug_key%22:%229421317298271742194%22,%22debug_reporting%22:true,%22destination%22:%22https://docomo.ne.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211265111656%22],%2222%22:[%22true%22],%224%22:[%2212-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222444909887225167905%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 05:37:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 59D1
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6cmZRylRvg4Zf-1X24OLmuhuaG-MrmXv81WY-z6Lv8NApPhLQwxeO9lUQmQCeRRrg6h4pMyk1CCOvPeCKvFTaicD0hh5Nv3MfDIX5jZpEGKuPOvicekcowcUq3VpMiQ8GwpwwhkuBb4nFz5RkwpIXmLrYhBiY0f5dB9AMMvBRpMZpxK0&dbm_d=AKAmf-DblKHBwWqon1VW-rXFAOEYK56Ml7XBLIvkcYDcqLLwZYyPrnOywqGW1bJxILLj7y3Sg-ghUEBrBwCDoBC1WWfNnXkT0euOlR3X6DEWS7r0z0gP8tdTMTOWV1D7gwKL41i8y4Rh-ILRX0WUA82daogqRn8NjTZaG5JzVZXdQgT2Vgkj7r109OOJ5Nx3yYvmG6Px1CckbBSB65GmdI-Cy0CQVhY9wgh-IzHfzhJbWR89wD-Qr11yX9W0DEEDGYs2x07GQuWfg85FqH2Dc4adhcVKUQ6eEVOeRdGLDC62RTaG2ipMQh-wG9jti68dP8uLDG3FrMOquQEJGZeFudxoXkhXMnUEdv-UhW4M-w2pjyqZu4aeWUrzJakxLUUDKg1zXU-Bum8HA8zOgKqLd3l03ZerCdooPOCygnzdF5P-Mkh8RZzJPdQ7japXawt6RsrqdEiPYMMDGJ1G9ufQZIz0oN0v1ygAPgJfHhsUw51QlQY-tT4HV8CjlpT0l3wLEvZfjnw5goyKBxqMuPd-yp1KWdPKw7y0n963uB3tIhrttmgdoy01UODYvyziLkvYfpLtlY-jGIoU5p4IXm7b9nCve66Txhakp5kCjxVPkU2zfsxeMXTo1wxNDRLCvHbOXohI0ISqqTQgICEAkEfY4cBhnBPlUyl-QogOs7yMKo56ZExfo6nZwWRTjYPf_851x2uf6S1EurxE86q5DdTcISjn2njcA1Wel4y2SGBXlSgEEKPP3kEPkIgIYiu6p2T6Bu8gSpBX1VTuYX-plRYSniHObtA4CGE24OhBHi7HtwLVsPmC_NjJSEu5AiCOlkm4CB5WXBIO4R0OG4f_h1T7LAtF5e0cPJO8ILxvh5ILM0hlNkvO5O6pJx01DRLfgyfEKnDtiSMT8csqQeuPvA2kf6PL4KU7n-wd-8CdPepAJIb6G5nX0sGUdy4s7EDDNCSvkeXj7Wh_uOQPBTUe2uwNhsh0_2OuLMcaNd4x2vbxGbDsd7Lx-7S6w_EDdJzX6fXHQlKvaV1KWypj3lXuBlfPj9cGDXp6NkBcthZVb4n2rkQZR4VAEE-QtG4tafchuJU31hbVceuD1JmMXx15EZqh7OnCGekXn3cGG06LA9_UaObpz20rDOEEFvuUMiPK6aVBQ93cwwU7uQcLHeMkMeHeaWt2jdH-tHp22Rm_7gSyV4bVqLl4bTcciUUm3nA7uiKmOVPHT1RsE4jCj4WmN5Y9SiIN6dlWrJ-U4psfUsqGDhmN2BVXOEFaZ6H1ZAr8DJx4cfKTNokIS5zELy0AdMVenCQPM3NdPznu3UxVHlJWBWBcgOIoIa7fr0QZfQ_Cl83OhWmX3Gd5wLAnbvlLQvQbMIsRn2YcAbcaJ1o3iBYFWSlMLp3vk7uJhTQrwJgecSd2SICGfdlOxqOlUOiEuR4xvFMe1DTwFPd4x6V0ysja4pBk0F3nd2PhZDsN4I2mgRDUeU-kNELZe44SnH7cvvZrYxkxWAYrfwAPHRz__S2NIDDVdf3SSpER4ap8t6F-_SlvCXV0dCKq7acwtSHVoiHXs8ONqUON-H8TE6wQhT3jsIkG4ia73BwziqH9A3aXZ4lsUptsKwuLEyJ2oZsbQfvkUhsjuXNk0I9UUHRP8ntyV_zVRtckCAcBDxpin6PfDDSLW-j97TOma8FhXxb1ux4FjBlhOZOm40tt7osmEqZEFSZREGGWmzZWRD7U0zIMBH7sFE9z0E7rRUJES-2GI1Se80YbljTdbF8pSvgDrD-l4QXwEQoGFEyDf4nhRT3hGCRKjc6PQhgi_hz_U157Uqp3vSKh9ouBMj28vDpCyKzLEyNeeM4lYDdSw2W5-NKFAHjedfnJFG0lAXBrVtaAsu1CMaHzKmxHA9tRwprFVllCkAupOxblMsMJ0JcQbiCYqQ0ChLjzn7rKYfxgh48k_ynKuT-4I0HdgW2IKlhQmxEPwem310Zt5xZfFu4b31E7YFdZBanX8FGdQrg8hvMOfJJWjZ78WaP8eiUfAedVZnYJL6LsuFvE2W-pBZ5Q7SvnNiI0iLT1hAlKE4R09_fcKtwZ5CynJiRT8yuBhtscshTwKze-_H56tmtZPiqC-koOMH2kNnopoixK_2x0jt7GZpB32Rok4gUAI0AyDCDDIXUZS3hENRrX9SYjo3iizbpmLmeilzD3HmDvJJFA7UCqDxHzWQPd8fGOZL2b9qB3Em5Jz5lpoZ_bGFhdB1F1dSh1z_Jh1TSLtv9JOB8URo5uoInge-0t9llSP4_3xyibDc89AZrp7BkQFaqG1ZuBpQdwFnMxGRQbiJAJP1ITboRM06GwgL7I1H_4-_AzgDz2QtIEsWvYwFflkPNSJOLhP21dHeCMV2UeOHgR7z9OHwehF81dbGc-jGzKpAdPaJMK1s3FRGkCJ7fL6Q0TJlwXnSYNRmvFpf0pc8w-8amnBftUKBBRd_sM9VG69w3-u6jk0zf58TQUakdgXL5XjA5U8zcF1SQC8O3eScWIsyQEqbmhbgQQPfl17wzeo2qun2oUl1OF_wIdsoivSl3AYYOjrNVTcb-nKprsL3IaW2h1d2SjttFCSGBNYgn1apLz-EIN54IRHivpuYf-HXCJzllD2WO8BMOJiO4BWk1LelqVT1U3U3PZ4cqUvA7j-jGGPkF6nMGmXLI-EVAbm8q-LxSVLKiB29MB_9NteHoBq_aC5-wCz_DsZSrXcrgxBo3-_KYVZopdY68V6y80r_rXUXfn2CzDYsAuzepBTQhEcGuhf-jqtkJt2HdXh-cT4kqCE3CYFY9zPiLlgcXHrwgFDj7VmJ4qNzaVJd0Knl_9uI9Qd2cI7pwMdWRh9obvURDiMyrzU6F2_TCdozvzc4h_ZScgr9a9rEKwX-2tph5lyF7vacrDWp-GCNdfdrAX5Jy8cHWr_FDXM2WA97_D_fGr4CRz5KWtTYfgxdE3N7EbLd9ZhJbR0eZJad-wYZi7G5SjNOXwuXC07hanw0xt-5aOYS2jPYmKaxd9bFyQu4rMov1DD8ckwDYk3eCNS235lN32pHQKpNnqhYyq_MJgdxFVtXT_KOz7ghMczqnF3of0TeKMaUiFtllNTYwLTDqSzzc7e9-URza6PHF1gLhykWrDSvhLxp6sjuiEg0Gkn3f9TY3DWaY593J4FaMptBQ39XGNLNVWnysrrHt_fIr0KKtnZTZM9No-Q_CAH5OR_uA8_aWwcgdSXAm7yUm0wOvVTmnsch-WSg_tvvMVumoiHGZwrVv268ZWr5D975UW0axC7jb67z0GIpk614dwD6YNLCJJnNbxLoyGDTurK-UyK8OH8lkeAIHRJudApxdkrBIwczmoWpgGsFdjfOOstRFz2U3kNJthqh5RJpxaDTsuYlSrvH-mrG1ff1YB_iCq2OyTzWUcW1c3Oxu4aq_FNLTZFUBFoCXn2Paj5Qu1a4qHVSpT0vXS_Z1FQxYrliTw7z2NJ5nPX6buwEAIAcjypNdz-esvU835aheGGWlQNyS--p3loRQxTRPB-DyACPh86fuDAon8t-6OVtFWrAKbs9bmpYRumiImbKg4ahGsd-GvpNac1TxS-AK3_XAnUuF2FkkpwYsAswvCMydFVZB9WMlJL0jiJOpJuRTsrAGs21SRaxS9atxHO9d1dAaUCy-cXEOHTVRhLe_Cox8xFjDLINPUjhsNS180Xk-a2EhYMDkl7t3_XQ5N5gBanbmnh1fOFqrfaY1jbPsLr2kUgubXTHtl9TeSENVPSEA3bul0g7MfSDU5qvQ&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=15540253701279805000&adk=3047537734&idt=120&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
11699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 02:22:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 59D1
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6cmZRylRvg4Zf-1X24OLmuhuaG-MrmXv81WY-z6Lv8NApPhLQwxeO9lUQmQCeRRrg6h4pMyk1CCOvPeCKvFTaicD0hh5Nv3MfDIX5jZpEGKuPOvicekcowcUq3VpMiQ8GwpwwhkuBb4nFz5RkwpIXmLrYhBiY0f5dB9AMMvBRpMZpxK0&dbm_d=AKAmf-DblKHBwWqon1VW-rXFAOEYK56Ml7XBLIvkcYDcqLLwZYyPrnOywqGW1bJxILLj7y3Sg-ghUEBrBwCDoBC1WWfNnXkT0euOlR3X6DEWS7r0z0gP8tdTMTOWV1D7gwKL41i8y4Rh-ILRX0WUA82daogqRn8NjTZaG5JzVZXdQgT2Vgkj7r109OOJ5Nx3yYvmG6Px1CckbBSB65GmdI-Cy0CQVhY9wgh-IzHfzhJbWR89wD-Qr11yX9W0DEEDGYs2x07GQuWfg85FqH2Dc4adhcVKUQ6eEVOeRdGLDC62RTaG2ipMQh-wG9jti68dP8uLDG3FrMOquQEJGZeFudxoXkhXMnUEdv-UhW4M-w2pjyqZu4aeWUrzJakxLUUDKg1zXU-Bum8HA8zOgKqLd3l03ZerCdooPOCygnzdF5P-Mkh8RZzJPdQ7japXawt6RsrqdEiPYMMDGJ1G9ufQZIz0oN0v1ygAPgJfHhsUw51QlQY-tT4HV8CjlpT0l3wLEvZfjnw5goyKBxqMuPd-yp1KWdPKw7y0n963uB3tIhrttmgdoy01UODYvyziLkvYfpLtlY-jGIoU5p4IXm7b9nCve66Txhakp5kCjxVPkU2zfsxeMXTo1wxNDRLCvHbOXohI0ISqqTQgICEAkEfY4cBhnBPlUyl-QogOs7yMKo56ZExfo6nZwWRTjYPf_851x2uf6S1EurxE86q5DdTcISjn2njcA1Wel4y2SGBXlSgEEKPP3kEPkIgIYiu6p2T6Bu8gSpBX1VTuYX-plRYSniHObtA4CGE24OhBHi7HtwLVsPmC_NjJSEu5AiCOlkm4CB5WXBIO4R0OG4f_h1T7LAtF5e0cPJO8ILxvh5ILM0hlNkvO5O6pJx01DRLfgyfEKnDtiSMT8csqQeuPvA2kf6PL4KU7n-wd-8CdPepAJIb6G5nX0sGUdy4s7EDDNCSvkeXj7Wh_uOQPBTUe2uwNhsh0_2OuLMcaNd4x2vbxGbDsd7Lx-7S6w_EDdJzX6fXHQlKvaV1KWypj3lXuBlfPj9cGDXp6NkBcthZVb4n2rkQZR4VAEE-QtG4tafchuJU31hbVceuD1JmMXx15EZqh7OnCGekXn3cGG06LA9_UaObpz20rDOEEFvuUMiPK6aVBQ93cwwU7uQcLHeMkMeHeaWt2jdH-tHp22Rm_7gSyV4bVqLl4bTcciUUm3nA7uiKmOVPHT1RsE4jCj4WmN5Y9SiIN6dlWrJ-U4psfUsqGDhmN2BVXOEFaZ6H1ZAr8DJx4cfKTNokIS5zELy0AdMVenCQPM3NdPznu3UxVHlJWBWBcgOIoIa7fr0QZfQ_Cl83OhWmX3Gd5wLAnbvlLQvQbMIsRn2YcAbcaJ1o3iBYFWSlMLp3vk7uJhTQrwJgecSd2SICGfdlOxqOlUOiEuR4xvFMe1DTwFPd4x6V0ysja4pBk0F3nd2PhZDsN4I2mgRDUeU-kNELZe44SnH7cvvZrYxkxWAYrfwAPHRz__S2NIDDVdf3SSpER4ap8t6F-_SlvCXV0dCKq7acwtSHVoiHXs8ONqUON-H8TE6wQhT3jsIkG4ia73BwziqH9A3aXZ4lsUptsKwuLEyJ2oZsbQfvkUhsjuXNk0I9UUHRP8ntyV_zVRtckCAcBDxpin6PfDDSLW-j97TOma8FhXxb1ux4FjBlhOZOm40tt7osmEqZEFSZREGGWmzZWRD7U0zIMBH7sFE9z0E7rRUJES-2GI1Se80YbljTdbF8pSvgDrD-l4QXwEQoGFEyDf4nhRT3hGCRKjc6PQhgi_hz_U157Uqp3vSKh9ouBMj28vDpCyKzLEyNeeM4lYDdSw2W5-NKFAHjedfnJFG0lAXBrVtaAsu1CMaHzKmxHA9tRwprFVllCkAupOxblMsMJ0JcQbiCYqQ0ChLjzn7rKYfxgh48k_ynKuT-4I0HdgW2IKlhQmxEPwem310Zt5xZfFu4b31E7YFdZBanX8FGdQrg8hvMOfJJWjZ78WaP8eiUfAedVZnYJL6LsuFvE2W-pBZ5Q7SvnNiI0iLT1hAlKE4R09_fcKtwZ5CynJiRT8yuBhtscshTwKze-_H56tmtZPiqC-koOMH2kNnopoixK_2x0jt7GZpB32Rok4gUAI0AyDCDDIXUZS3hENRrX9SYjo3iizbpmLmeilzD3HmDvJJFA7UCqDxHzWQPd8fGOZL2b9qB3Em5Jz5lpoZ_bGFhdB1F1dSh1z_Jh1TSLtv9JOB8URo5uoInge-0t9llSP4_3xyibDc89AZrp7BkQFaqG1ZuBpQdwFnMxGRQbiJAJP1ITboRM06GwgL7I1H_4-_AzgDz2QtIEsWvYwFflkPNSJOLhP21dHeCMV2UeOHgR7z9OHwehF81dbGc-jGzKpAdPaJMK1s3FRGkCJ7fL6Q0TJlwXnSYNRmvFpf0pc8w-8amnBftUKBBRd_sM9VG69w3-u6jk0zf58TQUakdgXL5XjA5U8zcF1SQC8O3eScWIsyQEqbmhbgQQPfl17wzeo2qun2oUl1OF_wIdsoivSl3AYYOjrNVTcb-nKprsL3IaW2h1d2SjttFCSGBNYgn1apLz-EIN54IRHivpuYf-HXCJzllD2WO8BMOJiO4BWk1LelqVT1U3U3PZ4cqUvA7j-jGGPkF6nMGmXLI-EVAbm8q-LxSVLKiB29MB_9NteHoBq_aC5-wCz_DsZSrXcrgxBo3-_KYVZopdY68V6y80r_rXUXfn2CzDYsAuzepBTQhEcGuhf-jqtkJt2HdXh-cT4kqCE3CYFY9zPiLlgcXHrwgFDj7VmJ4qNzaVJd0Knl_9uI9Qd2cI7pwMdWRh9obvURDiMyrzU6F2_TCdozvzc4h_ZScgr9a9rEKwX-2tph5lyF7vacrDWp-GCNdfdrAX5Jy8cHWr_FDXM2WA97_D_fGr4CRz5KWtTYfgxdE3N7EbLd9ZhJbR0eZJad-wYZi7G5SjNOXwuXC07hanw0xt-5aOYS2jPYmKaxd9bFyQu4rMov1DD8ckwDYk3eCNS235lN32pHQKpNnqhYyq_MJgdxFVtXT_KOz7ghMczqnF3of0TeKMaUiFtllNTYwLTDqSzzc7e9-URza6PHF1gLhykWrDSvhLxp6sjuiEg0Gkn3f9TY3DWaY593J4FaMptBQ39XGNLNVWnysrrHt_fIr0KKtnZTZM9No-Q_CAH5OR_uA8_aWwcgdSXAm7yUm0wOvVTmnsch-WSg_tvvMVumoiHGZwrVv268ZWr5D975UW0axC7jb67z0GIpk614dwD6YNLCJJnNbxLoyGDTurK-UyK8OH8lkeAIHRJudApxdkrBIwczmoWpgGsFdjfOOstRFz2U3kNJthqh5RJpxaDTsuYlSrvH-mrG1ff1YB_iCq2OyTzWUcW1c3Oxu4aq_FNLTZFUBFoCXn2Paj5Qu1a4qHVSpT0vXS_Z1FQxYrliTw7z2NJ5nPX6buwEAIAcjypNdz-esvU835aheGGWlQNyS--p3loRQxTRPB-DyACPh86fuDAon8t-6OVtFWrAKbs9bmpYRumiImbKg4ahGsd-GvpNac1TxS-AK3_XAnUuF2FkkpwYsAswvCMydFVZB9WMlJL0jiJOpJuRTsrAGs21SRaxS9atxHO9d1dAaUCy-cXEOHTVRhLe_Cox8xFjDLINPUjhsNS180Xk-a2EhYMDkl7t3_XQ5N5gBanbmnh1fOFqrfaY1jbPsLr2kUgubXTHtl9TeSENVPSEA3bul0g7MfSDU5qvQ&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=15540253701279805000&adk=3047537734&idt=120&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
35274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:49:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 59D1
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-L60LlDNqRNYciV5cCkHH9IeSMcKSlIhGRDKq6H1Ka8RvWzOJq9nWDT_SqZcayhdayS3MZX5DosB7O5c4W-HWsNsnCMbMcP4aBlKI9jw9dKm6jqnCwiT72oiGpvAcrlOdSd7SmbWkxetf-NuBTuODuHkvbv18QtBq620zQGztyk8sfXxkKiRCJlZhxtwQZ-6n4IcBd0fR0TNP24LuWURwjcdy78u12rjaX2HfFo2Rn-vSq-xwOHroz0NqHzUQfnqFexm4sK7DO5JHs3HWkfQlxMzzJNBXSL2McdBzMfAHd0MjLCgasWDwGoSrHwnevUahfMDKITz0LQsZMAbHp5oPMIBSvVYd0da4JNXCF3-zX_QWLSDb-l2hmpaCXmzuehEw7R0s0Cc3U1hN64_l7hIDGkj9XVuGPtLA6f7sxtFigDfPQ_Kr5YCY_RnrO27Cl55sRf8JA89vbTHOr9TU8fuMrWRwaN22R4x7dniJZvD20FN6ptUFs3SioCU57cZI1mNCFgau9JCLbr2dhndNDMSvmWpv1i1BUELID4k0ALfxB3ddXJOi5HVamE28x_tFxsjTekFcV_01Wc9AJgEfY_JRvbkXLoRVtBHckIYTKxFFGpDDGQWTu6GIfuxOjghn4B2BMyoyZKOZqLx4xN7ADbLlPUP5YypLUbAiERLRF4PA11QazD5msm02gZ6H3fc0e_vyVvoaQo8DCIPBF_VmPrI5unujBeurKYJw-oXCV9nC9FDqSamhJHFN7dIA9Vd4BQP6lM-StXdBl3jx_hQGxXvhbdqNnxDhsUq1rO5DPF6mnnZgqtKUBlcbggk1E_OWGRiBjVj7n3dCv8N9X0qrKsWs-hG_owujoDT6A0qYju-1pDSA-XotDIA6ytrrSSiBnwyfpfd39PT9j-mH2Xuay6sN3lnfOJM7hHDpQIRwVtE-zrdQDKDXiHCiBt6n0ClSK9nPQWxD_xWoe3GVNYQZz4jaxeSHJD0QW9ifkDXosM6LZnwG4KGr7Aud6IvMfeRKkrYBuz4Y31HSFpvOuZZ4YCZnv27FWldLFymw6pmkgpucvI9rT_UefCQyeeUVmP8pTnJxkJ8oPH2XkFlbkXga5mcZS_wacYPBQmQ7_ENOeqEJr8frbOs2QziGmEKlx7zZmZn8RYwvqRU_-6zDcoC-nZJGG4RCNyun4UpVyYDqcrTUrTm-FXQUQiI9vBlR2yj-cnHXpSAyliI_uTIs0UcYzk6EMz_r9wBYwG6_7rxSg11tP9nDAu4nq57urVrhUErUHFYx1Vr6QIkvNuHLhnd5s1qowp7AQwdj3Vp8O-etjLxuU3XK3F6cFOX8mjh-tdR3QPZkOWd1W2qY7hKCju3FSBNaIejk6YNpHemYMWcgEM2rl5f9B6mk6wb0yFiGG8XS3XUUCOmmzs6MkEmQjKbWZlwplEBz6XJtfa6bvfKFAc9HYpXW-mUM_NvHMYEMCxuG2x5ZBg4VY1Qn8NmDJsOwRNm5kQ&sai=AMfl-YRYhrIkbcRDV_hknGZdv9uDnY2Bb1ldekDEdPPNqUXqRqb-NUxXq2r8va7zLuov9p3dPzeKW36RuslXgQI4GwFwyovPfj4yrKrQIgZ-Ncx-MqFq-bvT5MDTxtjk8KoWoXX-gZery179v4eH2TzccUlRep0qDgyADpUPHa_gU0BOYfrMm2HCDhE5pmzlKy7D3jKM7DbBFJNkWE-ZsIeMAvv935uhxamJI-hrvjfkFMWFvELeqbuMJzajvVGh93enoIkqREBTWyLqDrn-0HTjnjSjYEJFyCBypV1mo52dwXFVC0TZG3nI12Lk-sQGYPF3WJjx&sig=Cg0ArKJSzHC8jj3kVyKyEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.75302&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6cmZRylRvg4Zf-1X24OLmuhuaG-MrmXv81WY-z6Lv8NApPhLQwxeO9lUQmQCeRRrg6h4pMyk1CCOvPeCKvFTaicD0hh5Nv3MfDIX5jZpEGKuPOvicekcowcUq3VpMiQ8GwpwwhkuBb4nFz5RkwpIXmLrYhBiY0f5dB9AMMvBRpMZpxK0&dbm_d=AKAmf-DblKHBwWqon1VW-rXFAOEYK56Ml7XBLIvkcYDcqLLwZYyPrnOywqGW1bJxILLj7y3Sg-ghUEBrBwCDoBC1WWfNnXkT0euOlR3X6DEWS7r0z0gP8tdTMTOWV1D7gwKL41i8y4Rh-ILRX0WUA82daogqRn8NjTZaG5JzVZXdQgT2Vgkj7r109OOJ5Nx3yYvmG6Px1CckbBSB65GmdI-Cy0CQVhY9wgh-IzHfzhJbWR89wD-Qr11yX9W0DEEDGYs2x07GQuWfg85FqH2Dc4adhcVKUQ6eEVOeRdGLDC62RTaG2ipMQh-wG9jti68dP8uLDG3FrMOquQEJGZeFudxoXkhXMnUEdv-UhW4M-w2pjyqZu4aeWUrzJakxLUUDKg1zXU-Bum8HA8zOgKqLd3l03ZerCdooPOCygnzdF5P-Mkh8RZzJPdQ7japXawt6RsrqdEiPYMMDGJ1G9ufQZIz0oN0v1ygAPgJfHhsUw51QlQY-tT4HV8CjlpT0l3wLEvZfjnw5goyKBxqMuPd-yp1KWdPKw7y0n963uB3tIhrttmgdoy01UODYvyziLkvYfpLtlY-jGIoU5p4IXm7b9nCve66Txhakp5kCjxVPkU2zfsxeMXTo1wxNDRLCvHbOXohI0ISqqTQgICEAkEfY4cBhnBPlUyl-QogOs7yMKo56ZExfo6nZwWRTjYPf_851x2uf6S1EurxE86q5DdTcISjn2njcA1Wel4y2SGBXlSgEEKPP3kEPkIgIYiu6p2T6Bu8gSpBX1VTuYX-plRYSniHObtA4CGE24OhBHi7HtwLVsPmC_NjJSEu5AiCOlkm4CB5WXBIO4R0OG4f_h1T7LAtF5e0cPJO8ILxvh5ILM0hlNkvO5O6pJx01DRLfgyfEKnDtiSMT8csqQeuPvA2kf6PL4KU7n-wd-8CdPepAJIb6G5nX0sGUdy4s7EDDNCSvkeXj7Wh_uOQPBTUe2uwNhsh0_2OuLMcaNd4x2vbxGbDsd7Lx-7S6w_EDdJzX6fXHQlKvaV1KWypj3lXuBlfPj9cGDXp6NkBcthZVb4n2rkQZR4VAEE-QtG4tafchuJU31hbVceuD1JmMXx15EZqh7OnCGekXn3cGG06LA9_UaObpz20rDOEEFvuUMiPK6aVBQ93cwwU7uQcLHeMkMeHeaWt2jdH-tHp22Rm_7gSyV4bVqLl4bTcciUUm3nA7uiKmOVPHT1RsE4jCj4WmN5Y9SiIN6dlWrJ-U4psfUsqGDhmN2BVXOEFaZ6H1ZAr8DJx4cfKTNokIS5zELy0AdMVenCQPM3NdPznu3UxVHlJWBWBcgOIoIa7fr0QZfQ_Cl83OhWmX3Gd5wLAnbvlLQvQbMIsRn2YcAbcaJ1o3iBYFWSlMLp3vk7uJhTQrwJgecSd2SICGfdlOxqOlUOiEuR4xvFMe1DTwFPd4x6V0ysja4pBk0F3nd2PhZDsN4I2mgRDUeU-kNELZe44SnH7cvvZrYxkxWAYrfwAPHRz__S2NIDDVdf3SSpER4ap8t6F-_SlvCXV0dCKq7acwtSHVoiHXs8ONqUON-H8TE6wQhT3jsIkG4ia73BwziqH9A3aXZ4lsUptsKwuLEyJ2oZsbQfvkUhsjuXNk0I9UUHRP8ntyV_zVRtckCAcBDxpin6PfDDSLW-j97TOma8FhXxb1ux4FjBlhOZOm40tt7osmEqZEFSZREGGWmzZWRD7U0zIMBH7sFE9z0E7rRUJES-2GI1Se80YbljTdbF8pSvgDrD-l4QXwEQoGFEyDf4nhRT3hGCRKjc6PQhgi_hz_U157Uqp3vSKh9ouBMj28vDpCyKzLEyNeeM4lYDdSw2W5-NKFAHjedfnJFG0lAXBrVtaAsu1CMaHzKmxHA9tRwprFVllCkAupOxblMsMJ0JcQbiCYqQ0ChLjzn7rKYfxgh48k_ynKuT-4I0HdgW2IKlhQmxEPwem310Zt5xZfFu4b31E7YFdZBanX8FGdQrg8hvMOfJJWjZ78WaP8eiUfAedVZnYJL6LsuFvE2W-pBZ5Q7SvnNiI0iLT1hAlKE4R09_fcKtwZ5CynJiRT8yuBhtscshTwKze-_H56tmtZPiqC-koOMH2kNnopoixK_2x0jt7GZpB32Rok4gUAI0AyDCDDIXUZS3hENRrX9SYjo3iizbpmLmeilzD3HmDvJJFA7UCqDxHzWQPd8fGOZL2b9qB3Em5Jz5lpoZ_bGFhdB1F1dSh1z_Jh1TSLtv9JOB8URo5uoInge-0t9llSP4_3xyibDc89AZrp7BkQFaqG1ZuBpQdwFnMxGRQbiJAJP1ITboRM06GwgL7I1H_4-_AzgDz2QtIEsWvYwFflkPNSJOLhP21dHeCMV2UeOHgR7z9OHwehF81dbGc-jGzKpAdPaJMK1s3FRGkCJ7fL6Q0TJlwXnSYNRmvFpf0pc8w-8amnBftUKBBRd_sM9VG69w3-u6jk0zf58TQUakdgXL5XjA5U8zcF1SQC8O3eScWIsyQEqbmhbgQQPfl17wzeo2qun2oUl1OF_wIdsoivSl3AYYOjrNVTcb-nKprsL3IaW2h1d2SjttFCSGBNYgn1apLz-EIN54IRHivpuYf-HXCJzllD2WO8BMOJiO4BWk1LelqVT1U3U3PZ4cqUvA7j-jGGPkF6nMGmXLI-EVAbm8q-LxSVLKiB29MB_9NteHoBq_aC5-wCz_DsZSrXcrgxBo3-_KYVZopdY68V6y80r_rXUXfn2CzDYsAuzepBTQhEcGuhf-jqtkJt2HdXh-cT4kqCE3CYFY9zPiLlgcXHrwgFDj7VmJ4qNzaVJd0Knl_9uI9Qd2cI7pwMdWRh9obvURDiMyrzU6F2_TCdozvzc4h_ZScgr9a9rEKwX-2tph5lyF7vacrDWp-GCNdfdrAX5Jy8cHWr_FDXM2WA97_D_fGr4CRz5KWtTYfgxdE3N7EbLd9ZhJbR0eZJad-wYZi7G5SjNOXwuXC07hanw0xt-5aOYS2jPYmKaxd9bFyQu4rMov1DD8ckwDYk3eCNS235lN32pHQKpNnqhYyq_MJgdxFVtXT_KOz7ghMczqnF3of0TeKMaUiFtllNTYwLTDqSzzc7e9-URza6PHF1gLhykWrDSvhLxp6sjuiEg0Gkn3f9TY3DWaY593J4FaMptBQ39XGNLNVWnysrrHt_fIr0KKtnZTZM9No-Q_CAH5OR_uA8_aWwcgdSXAm7yUm0wOvVTmnsch-WSg_tvvMVumoiHGZwrVv268ZWr5D975UW0axC7jb67z0GIpk614dwD6YNLCJJnNbxLoyGDTurK-UyK8OH8lkeAIHRJudApxdkrBIwczmoWpgGsFdjfOOstRFz2U3kNJthqh5RJpxaDTsuYlSrvH-mrG1ff1YB_iCq2OyTzWUcW1c3Oxu4aq_FNLTZFUBFoCXn2Paj5Qu1a4qHVSpT0vXS_Z1FQxYrliTw7z2NJ5nPX6buwEAIAcjypNdz-esvU835aheGGWlQNyS--p3loRQxTRPB-DyACPh86fuDAon8t-6OVtFWrAKbs9bmpYRumiImbKg4ahGsd-GvpNac1TxS-AK3_XAnUuF2FkkpwYsAswvCMydFVZB9WMlJL0jiJOpJuRTsrAGs21SRaxS9atxHO9d1dAaUCy-cXEOHTVRhLe_Cox8xFjDLINPUjhsNS180Xk-a2EhYMDkl7t3_XQ5N5gBanbmnh1fOFqrfaY1jbPsLr2kUgubXTHtl9TeSENVPSEA3bul0g7MfSDU5qvQ&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=15540253701279805000&adk=3047537734&idt=120&cac=0&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 59D1
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6cmZRylRvg4Zf-1X24OLmuhuaG-MrmXv81WY-z6Lv8NApPhLQwxeO9lUQmQCeRRrg6h4pMyk1CCOvPeCKvFTaicD0hh5Nv3MfDIX5jZpEGKuPOvicekcowcUq3VpMiQ8GwpwwhkuBb4nFz5RkwpIXmLrYhBiY0f5dB9AMMvBRpMZpxK0&dbm_d=AKAmf-DblKHBwWqon1VW-rXFAOEYK56Ml7XBLIvkcYDcqLLwZYyPrnOywqGW1bJxILLj7y3Sg-ghUEBrBwCDoBC1WWfNnXkT0euOlR3X6DEWS7r0z0gP8tdTMTOWV1D7gwKL41i8y4Rh-ILRX0WUA82daogqRn8NjTZaG5JzVZXdQgT2Vgkj7r109OOJ5Nx3yYvmG6Px1CckbBSB65GmdI-Cy0CQVhY9wgh-IzHfzhJbWR89wD-Qr11yX9W0DEEDGYs2x07GQuWfg85FqH2Dc4adhcVKUQ6eEVOeRdGLDC62RTaG2ipMQh-wG9jti68dP8uLDG3FrMOquQEJGZeFudxoXkhXMnUEdv-UhW4M-w2pjyqZu4aeWUrzJakxLUUDKg1zXU-Bum8HA8zOgKqLd3l03ZerCdooPOCygnzdF5P-Mkh8RZzJPdQ7japXawt6RsrqdEiPYMMDGJ1G9ufQZIz0oN0v1ygAPgJfHhsUw51QlQY-tT4HV8CjlpT0l3wLEvZfjnw5goyKBxqMuPd-yp1KWdPKw7y0n963uB3tIhrttmgdoy01UODYvyziLkvYfpLtlY-jGIoU5p4IXm7b9nCve66Txhakp5kCjxVPkU2zfsxeMXTo1wxNDRLCvHbOXohI0ISqqTQgICEAkEfY4cBhnBPlUyl-QogOs7yMKo56ZExfo6nZwWRTjYPf_851x2uf6S1EurxE86q5DdTcISjn2njcA1Wel4y2SGBXlSgEEKPP3kEPkIgIYiu6p2T6Bu8gSpBX1VTuYX-plRYSniHObtA4CGE24OhBHi7HtwLVsPmC_NjJSEu5AiCOlkm4CB5WXBIO4R0OG4f_h1T7LAtF5e0cPJO8ILxvh5ILM0hlNkvO5O6pJx01DRLfgyfEKnDtiSMT8csqQeuPvA2kf6PL4KU7n-wd-8CdPepAJIb6G5nX0sGUdy4s7EDDNCSvkeXj7Wh_uOQPBTUe2uwNhsh0_2OuLMcaNd4x2vbxGbDsd7Lx-7S6w_EDdJzX6fXHQlKvaV1KWypj3lXuBlfPj9cGDXp6NkBcthZVb4n2rkQZR4VAEE-QtG4tafchuJU31hbVceuD1JmMXx15EZqh7OnCGekXn3cGG06LA9_UaObpz20rDOEEFvuUMiPK6aVBQ93cwwU7uQcLHeMkMeHeaWt2jdH-tHp22Rm_7gSyV4bVqLl4bTcciUUm3nA7uiKmOVPHT1RsE4jCj4WmN5Y9SiIN6dlWrJ-U4psfUsqGDhmN2BVXOEFaZ6H1ZAr8DJx4cfKTNokIS5zELy0AdMVenCQPM3NdPznu3UxVHlJWBWBcgOIoIa7fr0QZfQ_Cl83OhWmX3Gd5wLAnbvlLQvQbMIsRn2YcAbcaJ1o3iBYFWSlMLp3vk7uJhTQrwJgecSd2SICGfdlOxqOlUOiEuR4xvFMe1DTwFPd4x6V0ysja4pBk0F3nd2PhZDsN4I2mgRDUeU-kNELZe44SnH7cvvZrYxkxWAYrfwAPHRz__S2NIDDVdf3SSpER4ap8t6F-_SlvCXV0dCKq7acwtSHVoiHXs8ONqUON-H8TE6wQhT3jsIkG4ia73BwziqH9A3aXZ4lsUptsKwuLEyJ2oZsbQfvkUhsjuXNk0I9UUHRP8ntyV_zVRtckCAcBDxpin6PfDDSLW-j97TOma8FhXxb1ux4FjBlhOZOm40tt7osmEqZEFSZREGGWmzZWRD7U0zIMBH7sFE9z0E7rRUJES-2GI1Se80YbljTdbF8pSvgDrD-l4QXwEQoGFEyDf4nhRT3hGCRKjc6PQhgi_hz_U157Uqp3vSKh9ouBMj28vDpCyKzLEyNeeM4lYDdSw2W5-NKFAHjedfnJFG0lAXBrVtaAsu1CMaHzKmxHA9tRwprFVllCkAupOxblMsMJ0JcQbiCYqQ0ChLjzn7rKYfxgh48k_ynKuT-4I0HdgW2IKlhQmxEPwem310Zt5xZfFu4b31E7YFdZBanX8FGdQrg8hvMOfJJWjZ78WaP8eiUfAedVZnYJL6LsuFvE2W-pBZ5Q7SvnNiI0iLT1hAlKE4R09_fcKtwZ5CynJiRT8yuBhtscshTwKze-_H56tmtZPiqC-koOMH2kNnopoixK_2x0jt7GZpB32Rok4gUAI0AyDCDDIXUZS3hENRrX9SYjo3iizbpmLmeilzD3HmDvJJFA7UCqDxHzWQPd8fGOZL2b9qB3Em5Jz5lpoZ_bGFhdB1F1dSh1z_Jh1TSLtv9JOB8URo5uoInge-0t9llSP4_3xyibDc89AZrp7BkQFaqG1ZuBpQdwFnMxGRQbiJAJP1ITboRM06GwgL7I1H_4-_AzgDz2QtIEsWvYwFflkPNSJOLhP21dHeCMV2UeOHgR7z9OHwehF81dbGc-jGzKpAdPaJMK1s3FRGkCJ7fL6Q0TJlwXnSYNRmvFpf0pc8w-8amnBftUKBBRd_sM9VG69w3-u6jk0zf58TQUakdgXL5XjA5U8zcF1SQC8O3eScWIsyQEqbmhbgQQPfl17wzeo2qun2oUl1OF_wIdsoivSl3AYYOjrNVTcb-nKprsL3IaW2h1d2SjttFCSGBNYgn1apLz-EIN54IRHivpuYf-HXCJzllD2WO8BMOJiO4BWk1LelqVT1U3U3PZ4cqUvA7j-jGGPkF6nMGmXLI-EVAbm8q-LxSVLKiB29MB_9NteHoBq_aC5-wCz_DsZSrXcrgxBo3-_KYVZopdY68V6y80r_rXUXfn2CzDYsAuzepBTQhEcGuhf-jqtkJt2HdXh-cT4kqCE3CYFY9zPiLlgcXHrwgFDj7VmJ4qNzaVJd0Knl_9uI9Qd2cI7pwMdWRh9obvURDiMyrzU6F2_TCdozvzc4h_ZScgr9a9rEKwX-2tph5lyF7vacrDWp-GCNdfdrAX5Jy8cHWr_FDXM2WA97_D_fGr4CRz5KWtTYfgxdE3N7EbLd9ZhJbR0eZJad-wYZi7G5SjNOXwuXC07hanw0xt-5aOYS2jPYmKaxd9bFyQu4rMov1DD8ckwDYk3eCNS235lN32pHQKpNnqhYyq_MJgdxFVtXT_KOz7ghMczqnF3of0TeKMaUiFtllNTYwLTDqSzzc7e9-URza6PHF1gLhykWrDSvhLxp6sjuiEg0Gkn3f9TY3DWaY593J4FaMptBQ39XGNLNVWnysrrHt_fIr0KKtnZTZM9No-Q_CAH5OR_uA8_aWwcgdSXAm7yUm0wOvVTmnsch-WSg_tvvMVumoiHGZwrVv268ZWr5D975UW0axC7jb67z0GIpk614dwD6YNLCJJnNbxLoyGDTurK-UyK8OH8lkeAIHRJudApxdkrBIwczmoWpgGsFdjfOOstRFz2U3kNJthqh5RJpxaDTsuYlSrvH-mrG1ff1YB_iCq2OyTzWUcW1c3Oxu4aq_FNLTZFUBFoCXn2Paj5Qu1a4qHVSpT0vXS_Z1FQxYrliTw7z2NJ5nPX6buwEAIAcjypNdz-esvU835aheGGWlQNyS--p3loRQxTRPB-DyACPh86fuDAon8t-6OVtFWrAKbs9bmpYRumiImbKg4ahGsd-GvpNac1TxS-AK3_XAnUuF2FkkpwYsAswvCMydFVZB9WMlJL0jiJOpJuRTsrAGs21SRaxS9atxHO9d1dAaUCy-cXEOHTVRhLe_Cox8xFjDLINPUjhsNS180Xk-a2EhYMDkl7t3_XQ5N5gBanbmnh1fOFqrfaY1jbPsLr2kUgubXTHtl9TeSENVPSEA3bul0g7MfSDU5qvQ&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=15540253701279805000&adk=3047537734&idt=120&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
280128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:48:17 GMT
15054321684348163627
s0.2mdn.net/simgad/ Frame 59D1
51 KB
52 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/15054321684348163627
Requested by
Host: 51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
URL: https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8bc01762817b1c27ff22034ef061a3286d72b056777d6663d6fe687e6ec1f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:02:28 GMT
x-content-type-options
nosniff
age
95677
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52328
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:09:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Dec 2024 03:02:28 GMT
float.js
s.trvdp.com/scripts/v5.832/
469 KB
139 KB
Script
General
Full URL
https://s.trvdp.com/scripts/v5.832/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-31.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:39:55 GMT
content-encoding
gzip
via
1.1 0962027405631ad0b2b25cd64e62ca38.cloudfront.net (CloudFront)
last-modified
Sun, 15 Oct 2023 15:13:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C2
age
493030
etag
W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
MfazLlCz7W_6XJw2MN364WTAvEkC4dXmiHdHD5h6slWwmhbmk6ohtQ==
truncated
/ Frame 59D1
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
268469f2fe01b48b6de0271a6b278688bcd077e01c0fa98e0e969fedabf2d182

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
t.ssp.hinet.net/ Frame DE60
37 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d7adabd54228f466c99f39ae64101429291a29657a8bd6db339115538b1142e8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 67A4
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
179952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 03:37:53 GMT
expires
Thu, 12 Dec 2024 03:37:53 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 59D1
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-L60LlDNqRNYciV5cCkHH9IeSMcKSlIhGRDKq6H1Ka8RvWzOJq9nWDT_SqZcayhdayS3MZX5DosB7O5c4W-HWsNsnCMbMcP4aBlKI9jw9dKm6jqnCwiT72oiGpvAcrlOdSd7SmbWkxetf-NuBTuODuHkvbv18QtBq620zQGztyk8sfXxkKiRCJlZhxtwQZ-6n4IcBd0fR0TNP24LuWURwjcdy78u12rjaX2HfFo2Rn-vSq-xwOHroz0NqHzUQfnqFexm4sK7DO5JHs3HWkfQlxMzzJNBXSL2McdBzMfAHd0MjLCgasWDwGoSrHwnevUahfMDKITz0LQsZMAbHp5oPMIBSvVYd0da4JNXCF3-zX_QWLSDb-l2hmpaCXmzuehEw7R0s0Cc3U1hN64_l7hIDGkj9XVuGPtLA6f7sxtFigDfPQ_Kr5YCY_RnrO27Cl55sRf8JA89vbTHOr9TU8fuMrWRwaN22R4x7dniJZvD20FN6ptUFs3SioCU57cZI1mNCFgau9JCLbr2dhndNDMSvmWpv1i1BUELID4k0ALfxB3ddXJOi5HVamE28x_tFxsjTekFcV_01Wc9AJgEfY_JRvbkXLoRVtBHckIYTKxFFGpDDGQWTu6GIfuxOjghn4B2BMyoyZKOZqLx4xN7ADbLlPUP5YypLUbAiERLRF4PA11QazD5msm02gZ6H3fc0e_vyVvoaQo8DCIPBF_VmPrI5unujBeurKYJw-oXCV9nC9FDqSamhJHFN7dIA9Vd4BQP6lM-StXdBl3jx_hQGxXvhbdqNnxDhsUq1rO5DPF6mnnZgqtKUBlcbggk1E_OWGRiBjVj7n3dCv8N9X0qrKsWs-hG_owujoDT6A0qYju-1pDSA-XotDIA6ytrrSSiBnwyfpfd39PT9j-mH2Xuay6sN3lnfOJM7hHDpQIRwVtE-zrdQDKDXiHCiBt6n0ClSK9nPQWxD_xWoe3GVNYQZz4jaxeSHJD0QW9ifkDXosM6LZnwG4KGr7Aud6IvMfeRKkrYBuz4Y31HSFpvOuZZ4YCZnv27FWldLFymw6pmkgpucvI9rT_UefCQyeeUVmP8pTnJxkJ8oPH2XkFlbkXga5mcZS_wacYPBQmQ7_ENOeqEJr8frbOs2QziGmEKlx7zZmZn8RYwvqRU_-6zDcoC-nZJGG4RCNyun4UpVyYDqcrTUrTm-FXQUQiI9vBlR2yj-cnHXpSAyliI_uTIs0UcYzk6EMz_r9wBYwG6_7rxSg11tP9nDAu4nq57urVrhUErUHFYx1Vr6QIkvNuHLhnd5s1qowp7AQwdj3Vp8O-etjLxuU3XK3F6cFOX8mjh-tdR3QPZkOWd1W2qY7hKCju3FSBNaIejk6YNpHemYMWcgEM2rl5f9B6mk6wb0yFiGG8XS3XUUCOmmzs6MkEmQjKbWZlwplEBz6XJtfa6bvfKFAc9HYpXW-mUM_NvHMYEMCxuG2x5ZBg4VY1Qn8NmDJsOwRNm5kQ&sai=AMfl-YRYhrIkbcRDV_hknGZdv9uDnY2Bb1ldekDEdPPNqUXqRqb-NUxXq2r8va7zLuov9p3dPzeKW36RuslXgQI4GwFwyovPfj4yrKrQIgZ-Ncx-MqFq-bvT5MDTxtjk8KoWoXX-gZery179v4eH2TzccUlRep0qDgyADpUPHa_gU0BOYfrMm2HCDhE5pmzlKy7D3jKM7DbBFJNkWE-ZsIeMAvv935uhxamJI-hrvjfkFMWFvELeqbuMJzajvVGh93enoIkqREBTWyLqDrn-0HTjnjSjYEJFyCBypV1mo52dwXFVC0TZG3nI12Lk-sQGYPF3WJjx&sig=Cg0ArKJSzHC8jj3kVyKyEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=62&vt=11&dtpt=61&dett=2&cstd=0&cisv=r20231207.75302&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6cmZRylRvg4Zf-1X24OLmuhuaG-MrmXv81WY-z6Lv8NApPhLQwxeO9lUQmQCeRRrg6h4pMyk1CCOvPeCKvFTaicD0hh5Nv3MfDIX5jZpEGKuPOvicekcowcUq3VpMiQ8GwpwwhkuBb4nFz5RkwpIXmLrYhBiY0f5dB9AMMvBRpMZpxK0&dbm_d=AKAmf-DblKHBwWqon1VW-rXFAOEYK56Ml7XBLIvkcYDcqLLwZYyPrnOywqGW1bJxILLj7y3Sg-ghUEBrBwCDoBC1WWfNnXkT0euOlR3X6DEWS7r0z0gP8tdTMTOWV1D7gwKL41i8y4Rh-ILRX0WUA82daogqRn8NjTZaG5JzVZXdQgT2Vgkj7r109OOJ5Nx3yYvmG6Px1CckbBSB65GmdI-Cy0CQVhY9wgh-IzHfzhJbWR89wD-Qr11yX9W0DEEDGYs2x07GQuWfg85FqH2Dc4adhcVKUQ6eEVOeRdGLDC62RTaG2ipMQh-wG9jti68dP8uLDG3FrMOquQEJGZeFudxoXkhXMnUEdv-UhW4M-w2pjyqZu4aeWUrzJakxLUUDKg1zXU-Bum8HA8zOgKqLd3l03ZerCdooPOCygnzdF5P-Mkh8RZzJPdQ7japXawt6RsrqdEiPYMMDGJ1G9ufQZIz0oN0v1ygAPgJfHhsUw51QlQY-tT4HV8CjlpT0l3wLEvZfjnw5goyKBxqMuPd-yp1KWdPKw7y0n963uB3tIhrttmgdoy01UODYvyziLkvYfpLtlY-jGIoU5p4IXm7b9nCve66Txhakp5kCjxVPkU2zfsxeMXTo1wxNDRLCvHbOXohI0ISqqTQgICEAkEfY4cBhnBPlUyl-QogOs7yMKo56ZExfo6nZwWRTjYPf_851x2uf6S1EurxE86q5DdTcISjn2njcA1Wel4y2SGBXlSgEEKPP3kEPkIgIYiu6p2T6Bu8gSpBX1VTuYX-plRYSniHObtA4CGE24OhBHi7HtwLVsPmC_NjJSEu5AiCOlkm4CB5WXBIO4R0OG4f_h1T7LAtF5e0cPJO8ILxvh5ILM0hlNkvO5O6pJx01DRLfgyfEKnDtiSMT8csqQeuPvA2kf6PL4KU7n-wd-8CdPepAJIb6G5nX0sGUdy4s7EDDNCSvkeXj7Wh_uOQPBTUe2uwNhsh0_2OuLMcaNd4x2vbxGbDsd7Lx-7S6w_EDdJzX6fXHQlKvaV1KWypj3lXuBlfPj9cGDXp6NkBcthZVb4n2rkQZR4VAEE-QtG4tafchuJU31hbVceuD1JmMXx15EZqh7OnCGekXn3cGG06LA9_UaObpz20rDOEEFvuUMiPK6aVBQ93cwwU7uQcLHeMkMeHeaWt2jdH-tHp22Rm_7gSyV4bVqLl4bTcciUUm3nA7uiKmOVPHT1RsE4jCj4WmN5Y9SiIN6dlWrJ-U4psfUsqGDhmN2BVXOEFaZ6H1ZAr8DJx4cfKTNokIS5zELy0AdMVenCQPM3NdPznu3UxVHlJWBWBcgOIoIa7fr0QZfQ_Cl83OhWmX3Gd5wLAnbvlLQvQbMIsRn2YcAbcaJ1o3iBYFWSlMLp3vk7uJhTQrwJgecSd2SICGfdlOxqOlUOiEuR4xvFMe1DTwFPd4x6V0ysja4pBk0F3nd2PhZDsN4I2mgRDUeU-kNELZe44SnH7cvvZrYxkxWAYrfwAPHRz__S2NIDDVdf3SSpER4ap8t6F-_SlvCXV0dCKq7acwtSHVoiHXs8ONqUON-H8TE6wQhT3jsIkG4ia73BwziqH9A3aXZ4lsUptsKwuLEyJ2oZsbQfvkUhsjuXNk0I9UUHRP8ntyV_zVRtckCAcBDxpin6PfDDSLW-j97TOma8FhXxb1ux4FjBlhOZOm40tt7osmEqZEFSZREGGWmzZWRD7U0zIMBH7sFE9z0E7rRUJES-2GI1Se80YbljTdbF8pSvgDrD-l4QXwEQoGFEyDf4nhRT3hGCRKjc6PQhgi_hz_U157Uqp3vSKh9ouBMj28vDpCyKzLEyNeeM4lYDdSw2W5-NKFAHjedfnJFG0lAXBrVtaAsu1CMaHzKmxHA9tRwprFVllCkAupOxblMsMJ0JcQbiCYqQ0ChLjzn7rKYfxgh48k_ynKuT-4I0HdgW2IKlhQmxEPwem310Zt5xZfFu4b31E7YFdZBanX8FGdQrg8hvMOfJJWjZ78WaP8eiUfAedVZnYJL6LsuFvE2W-pBZ5Q7SvnNiI0iLT1hAlKE4R09_fcKtwZ5CynJiRT8yuBhtscshTwKze-_H56tmtZPiqC-koOMH2kNnopoixK_2x0jt7GZpB32Rok4gUAI0AyDCDDIXUZS3hENRrX9SYjo3iizbpmLmeilzD3HmDvJJFA7UCqDxHzWQPd8fGOZL2b9qB3Em5Jz5lpoZ_bGFhdB1F1dSh1z_Jh1TSLtv9JOB8URo5uoInge-0t9llSP4_3xyibDc89AZrp7BkQFaqG1ZuBpQdwFnMxGRQbiJAJP1ITboRM06GwgL7I1H_4-_AzgDz2QtIEsWvYwFflkPNSJOLhP21dHeCMV2UeOHgR7z9OHwehF81dbGc-jGzKpAdPaJMK1s3FRGkCJ7fL6Q0TJlwXnSYNRmvFpf0pc8w-8amnBftUKBBRd_sM9VG69w3-u6jk0zf58TQUakdgXL5XjA5U8zcF1SQC8O3eScWIsyQEqbmhbgQQPfl17wzeo2qun2oUl1OF_wIdsoivSl3AYYOjrNVTcb-nKprsL3IaW2h1d2SjttFCSGBNYgn1apLz-EIN54IRHivpuYf-HXCJzllD2WO8BMOJiO4BWk1LelqVT1U3U3PZ4cqUvA7j-jGGPkF6nMGmXLI-EVAbm8q-LxSVLKiB29MB_9NteHoBq_aC5-wCz_DsZSrXcrgxBo3-_KYVZopdY68V6y80r_rXUXfn2CzDYsAuzepBTQhEcGuhf-jqtkJt2HdXh-cT4kqCE3CYFY9zPiLlgcXHrwgFDj7VmJ4qNzaVJd0Knl_9uI9Qd2cI7pwMdWRh9obvURDiMyrzU6F2_TCdozvzc4h_ZScgr9a9rEKwX-2tph5lyF7vacrDWp-GCNdfdrAX5Jy8cHWr_FDXM2WA97_D_fGr4CRz5KWtTYfgxdE3N7EbLd9ZhJbR0eZJad-wYZi7G5SjNOXwuXC07hanw0xt-5aOYS2jPYmKaxd9bFyQu4rMov1DD8ckwDYk3eCNS235lN32pHQKpNnqhYyq_MJgdxFVtXT_KOz7ghMczqnF3of0TeKMaUiFtllNTYwLTDqSzzc7e9-URza6PHF1gLhykWrDSvhLxp6sjuiEg0Gkn3f9TY3DWaY593J4FaMptBQ39XGNLNVWnysrrHt_fIr0KKtnZTZM9No-Q_CAH5OR_uA8_aWwcgdSXAm7yUm0wOvVTmnsch-WSg_tvvMVumoiHGZwrVv268ZWr5D975UW0axC7jb67z0GIpk614dwD6YNLCJJnNbxLoyGDTurK-UyK8OH8lkeAIHRJudApxdkrBIwczmoWpgGsFdjfOOstRFz2U3kNJthqh5RJpxaDTsuYlSrvH-mrG1ff1YB_iCq2OyTzWUcW1c3Oxu4aq_FNLTZFUBFoCXn2Paj5Qu1a4qHVSpT0vXS_Z1FQxYrliTw7z2NJ5nPX6buwEAIAcjypNdz-esvU835aheGGWlQNyS--p3loRQxTRPB-DyACPh86fuDAon8t-6OVtFWrAKbs9bmpYRumiImbKg4ahGsd-GvpNac1TxS-AK3_XAnUuF2FkkpwYsAswvCMydFVZB9WMlJL0jiJOpJuRTsrAGs21SRaxS9atxHO9d1dAaUCy-cXEOHTVRhLe_Cox8xFjDLINPUjhsNS180Xk-a2EhYMDkl7t3_XQ5N5gBanbmnh1fOFqrfaY1jbPsLr2kUgubXTHtl9TeSENVPSEA3bul0g7MfSDU5qvQ&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=15540253701279805000&adk=3047537734&idt=120&cac=0&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cors
rt.ad-score.com/score/
52 B
595 B
XHR
General
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.8949806761188124
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 05:37:06 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 67A4
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:48:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
236908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:48:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 67A4
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXfiBAeZ7Zc2sJayQpt8PovCAQAAAAAA4AeAEAg&bg=!TE-lTwDNAAY3kmNgF5I7ADQBe5WfODYiUOx-OfTxiNnA3x-L4_Uzq7bcObkPtmpgzNTIpkd8auUwwWauaviEa6UcARVWAgAAAEJSAAAABGgBB5kDOxrCT6iacH-NPeEkqHuPoqnyWc3P7mNRVlTcab2JNcioXIgWF5L1xZYsbyeFDRurkuHUajnMorO-wkZaiS_c2FGFj99Rkfv6l0t0_mKScJl8RoN-TY5JyvKSdH6ML7REl3AznD4CZG9h5ugSntc7c8sttKC78kb7MNPMjyoG-L90dV-SUAuBPgJA-GU1aB06G9P86n7ID57gi1LUPl7NwN5FE0dzp_Zvo55KBIYK6_X4ZtghcjIyOx9CBRxdIH5etG_IoUWgQrphAPGcp76UpjYpPrqa9fzTGLWhj3jKlG4ILFiKPmH6O2IKVqqYUt89ypYIDEnSOqgcZPhoKtT_wz_2yF5y00LKXeIaqcGZZMPfWcv86Kwr0n2kzXgxJ2i6FPS72XQdNa0r1w-2cq752AkI8JiNbFAyTiLnb659NW40h5dAGI_tnHqbPRUj_-rmtWF28mgdtJTEp3AbazTgd19cBfAzGmzHPxh-kXHhSr8-wsnh5XHCPFtOR5dyiNmPTDr-Muoq3sb_xWyYDjWvNUHYt23eHgP_PyjPVBTjSyUz3FfZpDYUZyQrr92fzizv9ZdUzENr6vLze6n0GWfWXnd0h89l3dp7rWkvAp3x5GLLcF4IGaQNdYzFrkH5SB6Vi-HSedUi0oceOWyS_9nziY6euEgv3Ft3knaa0UZGU7MLK3SpS-UtgXZ_X96gbAw7bRRjqGvWYvH3DFofIpm0iNMEqqh6OTcaDnrW6Qzrw38662HaLX1HyZyUouUQFzOpKPRvBSTnC6Gvj2h56QSj1a128gFPY99fMJzJ-cKHNivM5eVES_DS0kGl_4Lh9RpgEtaXxBRH3_kdJYRlX2SO2g2WQLTmV4rKrP1-lwjNiy0pUqDop_wncwoyIoeBOKyfuVmoHCdcRAD9HZH1txO_xBfKpcEYRasDqwMZBv7o3yg7KBsPp36-Wnkb2bRfPB8wrY6yXIrgLtUDFfvCnHVvp3KA8BxF_Tq7wmCGhgCqkSZRrcoOxirWy2zvqm9XZKyjoSkfw1Nl0hAIHfpOgGqok6Qchv0rCClz34Urr1bRMLIJaMtbcAsA_8YrdMKlR19psaGqlGBW9YCjK3Sf
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ Frame DE60
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad.t.ssp.hinet.net/ Frame DE60
0
79 B
Image
General
Full URL
https://09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad.t.ssp.hinet.net/pixel?bd=09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame AABD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNAYjlgT6yhaWiXeaxhf2q6ACXpck8VVv_Je281J9yxasFsVTz_fbh287Z9l9BU0LC2SybOh59t6qFnY7TNCqxGxMXmJOOcP5E30RBMxn8Aui8dDCov_qcOz-BL241Y3_A-JHbpfStIkhppqIdn6ajXcD6&sig=Cg0ArKJSzHP-sX3GqagREAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702618625204&rpt=219&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 62E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_I4FVFd79J75AAG9JZrNFKroAaAL4hGNO95RBZeQCbLPBfl6jz4NGG1S-4BzwD3j1N0UVBpOsV6ABYOkRNKhSBFab1lhZmiVxmnNKW_rDFPPR2R65HnHX-kRL1Wuv4LYyTB7MNIHxFYN1N3_mG_j0IsZYdGXl7fbKzfDUJuSKNK2AudfAO2bVSAz-U6xCiX9SvhGgD2yxZVfIf1kqgm9nzzz3TPwfO4QAcICszsAQ_g1JesO8vpafCNv_Bavo4oP1e-yRIEX9mrWw9kIflJFvHBN5Oc6Qhu2rzEPnsgMOtGFlj_JTAfholSGN1Y8B1-g17scyoeu-MvvhYsKUHnEV9neajNJx_p1rpUqSdveJcm1tw8xs030HDKDLDqV9a_Ow91qGbIdg3fNxVA&sai=AMfl-YQY2jLN7Mn6Q90W0keoM1OTePVodFSUaT7Aax7hgqj2OM3sw9zRD1iGnpfuFmwNJEhUiJmyk-pbSHlFbBoslFpZiu90JWsqIFaYZUJBHwZGDHHFvt73nJkKXH-ryg97oVT1Q5APOTXfYn_wrq85mvQN&sig=Cg0ArKJSzCvDNpaEup_QEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 05:37:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dafac0e2fb59b182b529f3d79b915f8d4a9e618475c38c6d223936a7ac951fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12235
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 05:37:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 511D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
86149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 05:41:17 GMT
expires
Fri, 13 Dec 2024 05:41:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4551
829 B
558 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d01d189c28ec8129e44f235ee45ff71eda39f0ca5a9ba26b714c67826541c5ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L9w1AzVloXF38rQrePJEwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-L9w1AzVloXF38rQrePJEwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:37:06 GMT
expires
Fri, 15 Dec 2023 05:37:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame A59D
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv13MzfSjdErts8uv98-C4cXxdeGZYxThxuDNVGh5-26Z2PTEboqANxaYSo1ro81cMXCuvt340gx04atHl32fiQkOJ_95cdY1AK5XZiceRmRoTcdCK4SY05_t-7JTpJI7lQtPXyE7JyoUbvD79c3PoG6WXP&sai=AMfl-YSzc1B3AWYy79HBN0MKWfbQbzoyA65g5nNYGvxd6m763cMmBCiX2_eoVXoJinHcltiXoVet2HWRj12BfYFIlbgc_4tQKzFuRocm-tuMtIaj7YEQuVn3uOuM4bjUXjY1EQG9AUXXTQ_-9xoXCmfGpw&sig=Cg0ArKJSzJbRE29hJqsyEAE&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=290&tls=1290&g=100&h=100&tt=1291&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 511D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:48:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
236909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:48:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4551
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3293765971640957&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

prtct.php
stg.truvidplayer.com/v5.832/ Frame 3327
0
328 B
Document
General
Full URL
https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702618627&level=0
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-129.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 05:37:07 GMT
server
nginx
via
1.1 d0f0387f17e342499361c2e2e88948b2.cloudfront.net (CloudFront)
x-amz-cf-id
VLgDqKD30mkHAoecTZmtiVJIr6nX1QN04JDEIzqW11hG4efFsMBMOA==
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
generate_204
tpc.googlesyndication.com/ Frame 511D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LTEsgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:37:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EC1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWK21vQqi6yFMA4R9H84YUl1MW3vDO4nXrusCuA0r8-UsQwfxeDSLMJDEn6OWugOHhh35v0KRjGwHWq0a41kSTJ4wQfp222fpyBK4Abs1opepu_lyLdVYqbpZKHgP0PimzdMgte8BBhTba0nCaucFW85tu5lv5Um7_4XPlWW-tsjHkd9T-aTVMq1SD4HnKIlyhHclNAydWeP_qYysbCi5b9bAuSY_AUpsopXyVqtB-WyabY7lTD32kU4aBansAsHNhnc3P06KUlY8HUQghjjy4uljHezoqVHdg9pS3Tg8qaA8HZIilCAWi4QfjDo0y1vYwxLaEBZ80oZEUF9yebdU_67MfcPR2rWSZX7bu7YxTPBJmoOH2EgoqbxEWRDUZxFrrSIeHBIWT5HoZkMUYHaRtoQ8QeNuEKOXEvq5X3rIaNN0duTQPVNF6yO0cE7GZNqmBwoBLWCw2uGWa0rXh0BNxA-d9q4XiLVd1LwojgquuucCRYrQJ6XyN6-MiglAsfzA246X3MNlPk5kDZMd2EW3e0_uiuonG5t0Zd8pzj_BqNjfVgnc5R9L7h8chG072ZIjtrJh8ndiqVeNw3Q1dnj3_7Vc2Rz8DF9YPMxAYiC4A4bttVpvtqzlGYmsHHP2MTSspuylyn4-CY4WiouYFyVRUPE3iFcbX9IR3t-kwjHsFaBVLuorj4l9t1HdgSYm5juCejCv7Yke6jAygLCq6d-QEkW4tRQZvTDxKrWwRBw_3x30k4T_KbjVDwVwsCMCTzAFX7sHC72Qrs-nFdfml8wY8n2zRKhJIvGAMS8AHWPN3-sNGBYirebHRN_928W13ydv1GVE4pWKnxEf7nyt8KtzA81KE54a3xkRKMkJ2rsYo4Iuaev-CkAEHBLcJXPdHcbOE2kPVdyGnORzuwmCPQzZ4A4ziGolN545ZhLySPl4wJ_jFdwHfSZxNLwvT1uCl9k4Cottinw17TnmOL3wF8EsCu_dejvFDJTfjCMXr6yBwxBQ0n8HIFIkTffyfTprmJo-vhuZ3icpp-TCrkhX0kTKzkSzmDNaITPt1sMrt6_uu-BAp6Ozf2RaV-2A8ZeDrc9BvMWdx5UZKPoVq6_x_GEAl94_L5WxAQwfEX47z1OXbr39c028PZMqXUjkI9uty8Z4U0U6ZeWYInfbiMKniQdsG86zN62L9TsVN66xYynM56ZXPhuuITmSRZYKBCqF9M-lp5KvWuQyHbiYOdwYtIdfW_QKJhu8rYKiMJIVh78zCTQgLnI-i_0vQd1HxqqnjRvyPtd0tWYxLKGC03fmxcHLHO6HghWnaqfZd0p6LSUwX-XCqtLqFBo683K3bt0hZdjpRjXyn2oz4ZtL0tI5vnO20kgunAlXjgDG_rwHD9kBEuJ3GugUiMFFIwWdInOW_Zo9tU3vAXJMuXZlwx3vjZGGeujIBhvJYtbl_Fj77XG8d9sgasssuKwCQjTrR_tBJc_eA_sRX5xRayKD7700Fsaeq7VYSSow81nJ_7Fcy8kWI0HxFUFcyQj-Y_XhJkXoPPNhuhMbGp6lx_hh1PcCUSB6_VHEWBk31CRmI0iB2nVpO-hz8UfCAzLe-OwuAyr_MIoIhzwXpFRu7qnTIqa1upw&sai=AMfl-YRKkHN_BOItRCx7Hs51pkzK31jCs4XOq2mMx63P8lEYcd2G9kAvpdVLMxvY8NMZYdq9ZJ_f1vQB8OWX7HDxm3BT3Gr0A1kdepA9B_ugqcoLn3IVMnjyx7TKXmNKpUHgiV3lwdJp0Ru_Ljn2j1ro4Ax8oddZzUw2cCn1UD8&sig=Cg0ArKJSzOq5s-X9-DgzEAE&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&id=lidar2&mcvt=1002&p=455,315,545,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702618625304&rpt=396&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 59D1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWU3U05XbNP59Wh_iN8xLFNPZ3ZiLzICsP_sQl5HDCaBYOeHifcdhiujT37WuazCKrvCvjgrbhty3x3cNPCjYXt_2JZ5CZ3K-ypeXwDes4Pp1VFumH7zc64t4vNNGH8KH_kT1qMoLRF5yyWRQ7cf3aIRXt&sai=AMfl-YQw8RJv4MaWgxUbkPMiLIRu-kVG7CpvIA-8QU6ngJdKVnL9c3Y8xD-oFJLDFol7Hfn8jASBBArzlYSl_UdFyx_lBy8InG2Qw_xdkBw1OmsGHyDOtA6G0ysvWY48_XMk3bq80n3vLK4eom4LkguYqQ&sig=Cg0ArKJSzGme7Te0uvE8EAE&cid=CAQSTwAvHhf_L_pMyhPkY7YSuTd8QCWG__8QYnV7rxYjUkIhAEfWEL43uwd0PhKXBy7higVIbZiBmCXAMHCCyi8fHBYkAYd6EUrfrByPW5YqvbQYAQ&id=lidar2&mcvt=1000&p=108,1030,358,1330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702618625311&rpt=535&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6407657292922&version=m202309260101&ct=76&x=1&cor=15540253701279805000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3293765971640957&bg=!UVKlUh3NAAY3kmNgF5I7ADQBe5WfOLMlaN3jWzni_AgNzIum2UfktcB07pYIWp3GhNQ4ZoLcDJxDPh44Y33SQRgmYv0gAgAAAFFSAAAAA2gBB5kC5F74IgVKiMeChckac3QL6z9inZai9dLqvFqbBlj7uxh0STaQ_pbOWi3NU1hqNqwjaulzlcni8JBiNM07iYkmEc6bxkwxgjmjJg1zupgC_cXQN7iVWjhT0u-pnqMpLRm-jV9s5eXL4e87QpXmIw58O_fR5_bO1M8RirfQENisGEsZEbvcKxxne1uM4VOmKwsOZrLWqhWIK707HYCl9z8hmmzI6eu4O7mWh9e2vpdQZt55zuvy8QmwUY0I7RLk5lWkkIc2fnhlEjWf28KMvK0joLfRUmpnY4q7gv7XWUNgHeMLRGBsMco4Alld5OJBfCCiLwAizbALGSJw6COtdV9r7evBm3b4rKa64jalLA6NkWMsqSVDdPTv7kkFm1JFZDx_dRjUbTXZK6QSpAbf_zU5wF9Nk7uyezN6CGH8BlCOzbm8sF-VgoH9kWqeWjI8aRkl8QTAf9KDevW9VpNRLqijq9GoGFdJ89BZC_bJLtvcKdC-rFRZEFT8GLHM-EnnBQBkQ5VQxt0iVTgqsGAqC0FNArODJHvtHx1PUNfmRWjNzz5mQEJqAseUqsoQGhlV1fIsRy7orZZzpY6n_DCmhH6omaJz_Z_2UBAGSfCygsitPq5Y2NvO5vG8umEXcZ3saq405hCUweGqBLIjYjOo6GtLkq95Z394othQg84K3yH5p_19FhO_ffnpFRqMi4bfjfQ_w1I-6TSBWyagcNAku00kf8G7nj9J4ZkoRCuf-NCs0eOfQEjeoqlk41QeHlQ6bAOUAPuCsg3jIfLZLrc2FwFm52ydq2Ixnf56F7Z_QjkbtsD2CMH752kaVKUc7NzYWbIdglOuy14bkx79bnooiqYDtx0mq4LNAimMshBTqLexUD2tTDDNQIaj9P2ykbPDAqAPTB9QdUWIAM2xv20ac3R-7BWiyg4RWPxYLAbLTvhIij8EZFd7TNI6Terf9SBwjdEhg-xtf0TEM3QIoG-z4w_59qDY219I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 62E5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtM6Iue9SMboQ2OITjGGJKPiD5wvWTF2hEagmQD0zfEOkXDmF3F4OHOei06TfZboDRYLR4pnS7C1QcKBT1LqiblzS64tTwqqyhN6dAnPbcwONU7HV4TmkRTcrxCRKXXMuTHzgKmc13_CN1sk6KQ4KzUFRw&sig=Cg0ArKJSzKUDqfNRTA4JEAE&id=lidar2&mcvt=1001&p=108,650,358,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702618625349&rpt=1102&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702618624612&gcd=11l1l1l1l1&dma=0&cid=460386100.1702618625&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702618624&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=5892
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 05:37:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19706.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7312691308914338813&__req=4&__rev=1010440713&__s=%3A%3Acdy5d2&__sp=1&__user=0&dpr=1&jazoest=21767&lsd=wM_GzEA5T5VW6gkF4PDHBr

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| brWidgetInit object| truvid_protected object| GoogleGcLKhOms object| google_image_requests

43 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1702618624693.1050623409
.reurl.cc/ Name: _gid
Value: GA1.2.1615450021.1702618625
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.460386100.1702618625
.prnasia.com/ Name: __cf_bm
Value: EFxBkHVf98GgO_pJmiaG9tgv8Q7.CaR5b1_uDTIDPnQ-1702618624-1-AXIJrG2gYQDlpNHyvd+DqzmkvrhfxFCbFRh+MC+hW44He9+S2X+E6Yv2XF1Wr5YA16I8I0y5QhkVc2M2g3SPglQ=
.openx.net/ Name: i
Value: e4e68a10-838b-4262-b223-6d0d1b359156|1702618624
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 264a082a262846ec3a71365da8ece5d2
.reurl.cc/ Name: _cc_id
Value: 264a082a262846ec3a71365da8ece5d2
.reurl.cc/ Name: panoramaId_expiry
Value: 1702705025038
.doubleclick.net/ Name: IDE
Value: AHWqTUnsjLLGGCZ5en7XQJqhMjR1YiZPJd8af-dyc-WSltZpu-fL_LzIAoNPPqGb0Qo
.openx.net/ Name: pd
Value: v2|1702618625|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: 08956d7e-87b3-4f97-9b4a-769ca3ad51ed
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyNjE4NjI1fQ
.reurl.cc/ Name: __gads
Value: ID=e6fe1787cce88e48:T=1702618624:RT=1702618624:S=ALNI_Mah2_gX23myfG5Aoezm6FavPHBUxg
.reurl.cc/ Name: __gpi
Value: UID=00000caef304c6e8:T=1702618624:RT=1702618624:S=ALNI_MaXR-qWj-85GIKNmu6I7kuyKyQfZw
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwj6--Ok086-PBAFOAE.
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: H9WKOGMRPe457drlI-UIlRA9TOIW1Rw
.ladsp.com/ Name: lum
Value: CKbq6d_GMRIFCAMQ0AU
.openx.net/ Name: univ_id
Value: 537072971|08956d7e-87b3-4f97-9b4a-769ca3ad51ed|1702618625338826
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1702618624.1.0.1702618625.59.0.0
.send.microad.jp/ Name: TR
Value: db1730fb270e326afc9978774d9a47e9f4330ac339ecf8b4
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: db3c6194-d5f6-49da-be9e-cdcd61bde99c
.holmesmind.com/ Name: fcm
Value: 1
.casalemedia.com/ Name: CMID
Value: ZXvmAcrJFugJqOmp6FvjNAAA
.casalemedia.com/ Name: CMPS
Value: 5459
.casalemedia.com/ Name: CMPRO
Value: 5459
.doubleclick.net/ Name: DSID
Value: NO_DATA
.reurl.cc/ Name: CFFPCKUUID
Value: 4288-WCaCtW4B4nS0RAMyjG1MyT6uYpRrvInn
.reurl.cc/ Name: FPUUID
Value: 7872-76a2745e72fc638529a3b64a52cecbdd
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6lWZhlepE39h0PTXDFCY0U4WSAGSRQrVZaiI_GKjo2fEz7hQ
.googleadservices.com/ Name: ar_debug
Value: 1
.lndata.com/ Name: admckid
Value: 2312151337051498823
.hinet.net/ Name: uuid
Value: 09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad
.reurl.cc/ Name: cto_bundle
Value: mmnUgV9LNjlDSmVyR2UwRU9EVWo0QnFlaVVlTjY3c3hmMG4xM0ZPRDglMkZTYk0yNDRTNkFSdEtGVGoxeWZEMCUyQjNjVlFPU3klMkZHZ3BMYkM5dkFLMGxFMDNZWklEMTB1S1NNR3JtWXJkVlR4S3dMam1Pc0lMaVZ0M1lGTFlvRXVaMGJaRkhlakVkNDlzRmNjMzFsNkE2TWVGREdPbnclM0QlM0Q
.holmesmind.com/ Name: P
Value: 472325-1kdrjvnVO0s5zUeiD8AZj1yYIbWKGfLI
.holmesmind.com/ Name: Vision
Value: 20231215-23:59,20231215-16,20231215-16,20231215-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: truvid_protected
Value: {"val":"f","level":0,"geo":"JP","timestamp":1702618627}

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09a7b4e2-d53e-4fa5-8220-9bae9e56c4ad.t.ssp.hinet.net
51baf7308cdc55a09916751c946a57b9.safeframe.googlesyndication.com
ad.holmesmind.com
analytics.google.com
anymind360.com
asset.re-news.tw
bcp.crwdcntrl.net
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
dsum-sec.casalemedia.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
re-news.tw
reurl.cc
rt.ad-score.com
s-cs.send.microad.jp
s.trvdp.com
s0.2mdn.net
scontent-itm1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
static.xx.fbcdn.net
www.facebook.com
104.18.36.155
116.50.36.71
124.146.153.165
13.113.11.114
142.250.196.130
142.250.207.2
143.204.86.129
143.204.86.31
151.101.193.55
172.64.152.89
18.139.4.93
18.172.52.86
18.179.228.20
18.182.103.101
18.65.185.102
18.65.185.12
182.161.74.11
192.0.78.236
192.0.78.24
2001:4860:4802:32::178
2001:4860:4802:38::181
202.233.84.8
203.75.214.136
216.58.220.98
2404:6800:4004:801::2004
2404:6800:4004:80f::2002
2404:6800:4004:811::2002
2404:6800:4004:813::2001
2404:6800:4004:81c::2001
2404:6800:4004:820::2003
2404:6800:4004:821::2002
2404:6800:4004:821::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:825::2001
2404:6800:4004:825::2002
2404:6800:4004:825::2006
2404:6800:4004:826::2003
2404:6800:4008:c13::9d
2406:2600:4::1
2406:2600:4::b
2600:9000:20c4:c200:1e:5c56:d400:93a1
2600:9000:20e4:9400:0:e06c:e940:93a1
2606:4700:3034::6815:6009
2606:4700::6811:eec2
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f04e:f:face:b00c:0:3
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:400::485
34.102.146.192
34.117.23.234
34.120.107.143
34.149.98.30
34.95.67.231
34.96.70.87
35.185.130.121
35.185.136.122
35.190.31.54
35.201.76.93
35.208.216.174
35.227.249.156
35.244.159.8
35.244.196.223
35.71.131.137
61.216.47.122
99.84.133.75
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
094519e9151eb01e7ce6adcb098638de24d0cf5f9182632d0f54c65a60a09e94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
1645cad81d4bb76aa3fbd0ce39096969dff9bd1b54157e67b44726f3eb02048d
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
175bf735a54eae5bed75416bd50d02e564eb89da5e1e1d71efd733eb484d8e04
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
268469f2fe01b48b6de0271a6b278688bcd077e01c0fa98e0e969fedabf2d182
2937482391e1d0c459728ab5318f3b019d5d7f85551169109a679eb705af3e4a
2bd0ddcb6972531a5e93a4152a9903b859480510430ce5483008383d72f91ed2
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2ca9b8154eda919124700c5a189c42215aa9be89ba443d7d2fee713ed5a99ba5
2d5d6f95ace2ff593b15d49d3260bfcf34bb73f17b62e4a0660743359908a365
2d98213d5267f7ae207fd5d7469f0ffc82b2c1b413a0d066e1b004f200fccbab
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f77af6d36a569b80c5917f91babae462d09b0c0c958a5d94c80e7f674ccc9a4
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331188fea1e94973bfa93294e0b753b0844232fdade9f93d85611dd1b19cf12e
38577598c11efc70455e3b0408f192fd4511b9c6ef6122271e3717b17c312ace
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
392528f2d2355a88ac20203a4a58b28ffeb4a4ebb07491f0674553eed523a78c
3abc2cf308effad347741a64ceb2e89090062f1a1435e68b471177f87800f7e7
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
3dafac0e2fb59b182b529f3d79b915f8d4a9e618475c38c6d223936a7ac951fc
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
41b08e5fc1ec4c39221b1565d47711bab2f86150867c623d7fcc5164e5f1d5c2
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4371540363ee4057ce880f4cabba16b2eadc29309528697a1a5debce615928a0
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a23cd639f37b428b14b531a517e30f365b123cdcb3a41761732ac2ab36af9d
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52ac73f3f70e5fb8aec73f2866f3549d1cacb6022b8710d6d432326571543bc0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d5839339ba5bae9d1058ea6cf1639f8050a6e2548f76c44f13a49666e6a9d0
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
6604d53f95876c8b7cabb0609501f5b453662e925a10a2e8002ecf3df5858439
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
6db7adc0a3e4b7cacff9f72a5dfa15ae3c907268cf068d49c87b159c60b2395c
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
77eb7312e6dc1e090e7c68fc8e2d109272834b3f292006a5c6ae29c1cb5305c2
7b58928a256bdfbdc2548ac328b873c1b760e5ca1ef4a0512cda6f618742ba6d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83704ea221d768433c683c3603f96b776147f5e5ee6cc9225efabb73d488efb4
8500e346edfa5c3fff4163ea12186eeeb100f82a55f59e317ab99176d504937c
8564ffcd269b752d68f22746edf53a1499ef2c26ed7a1fc9c8370d81753fbb87
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
948278f82eee06e6ab556c8f12fa917611a7c1b34383ab8311007849c4ab8965
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
970bfb4004579c73787d2f2744ce0c8c66d202ffbfd553ce318f458fdcfec5c0
990706829aa2bca47e97f5e8968b4cf8841c7c54c2ca26deb6be90dd62fc9310
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ad939677568b08c5be2f82a3eb6198c75a7f96b724aff7277e6fe82f110f842e
addc9ac5a210b45df2df56baa4a6ce12ad514c1826ccacd468c7b9c9b218cbff
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afda040b9c4be8b58e9a50e55b5ef67ebb10a32f79fa0726f2472db9426d6797
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b8bc01762817b1c27ff22034ef061a3286d72b056777d6663d6fe687e6ec1f48
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be7d6c3760ef09b16b7f89b3037b2b96ac05b23a9cd6c52944a4bbdfb7040429
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
d01d189c28ec8129e44f235ee45ff71eda39f0ca5a9ba26b714c67826541c5ad
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d1bd63170e4cba4a8408381a617375d2e60a2546c06adda69a9f484c73d58265
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d7adabd54228f466c99f39ae64101429291a29657a8bd6db339115538b1142e8
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d8e65749a56b2ac5451d794970517649fc715938e7e65ce0d45d2380d8b53ab5
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
dda6442ecddc4228446095b161faa7883ecc260ddd59a6764e8ba3295218b95d
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e235a512fecfaf2fff7c4eea48734fb1ce79c2a636ae0b1b0cb0d3eee0cb9d1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f276072e7a6c8d236837b6bb94ed110bb58715939479dde97a86aae4589cba78
f3607a5ebca90d189de9d9a0f68a588db5c038fd1c6dfdce5f3ad0ab25f86798
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fd5ab52da021087bc78c866c8a8649b61d3f74e2f6273e6649892290f40ee5f4
fe5aec7794493f6a6be25e6641722624d2211a009c3e6c2c81cd3808d20e9de4