reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 12 via api (December 12th 2023, 10:18:30 am UTC) from JP — Scanned from JP

Summary HTTP 349 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 73 IPs in 7 countries across 55 domains to perform 349 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
5	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
1	151.101.1.55 151.101.1.55	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4004:812::2008	15169 (GOOGLE) (GOOGLE)
18	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
30	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4004:813::200e	15169 (GOOGLE) (GOOGLE)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c03::9d	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81c::2003	15169 (GOOGLE) (GOOGLE)
10	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.35.49.123 13.35.49.123	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:822::2001	15169 (GOOGLE) (GOOGLE)
1	34.117.23.234 34.117.23.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	61.216.47.122 61.216.47.122	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3034::6815:6009	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.194.51 35.227.194.51	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c4:b200:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.236 192.0.78.236	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 7	2404:6800:400... 2404:6800:4004:828::2004	15169 (GOOGLE) (GOOGLE)
1	13.251.47.187 13.251.47.187	16509 (AMAZON-02) (AMAZON-02)
1 7	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.172.52.86 18.172.52.86	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
27	2600:9000:20e... 2600:9000:20e4:2400:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
43	2404:6800:400... 2404:6800:400a:80a::2002	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::200a	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	124.146.153.170 124.146.153.170	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	99.84.133.60 99.84.133.60	16509 (AMAZON-02) (AMAZON-02)
8 18	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
1	18.65.185.40 18.65.185.40	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:81e::2003	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.86.119 143.204.86.119	16509 (AMAZON-02) (AMAZON-02)
4 8	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
5	52.68.5.49 52.68.5.49	16509 (AMAZON-02) (AMAZON-02)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.192.40.163 52.192.40.163	16509 (AMAZON-02) (AMAZON-02)
13	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 5	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.227.249.156 35.227.249.156	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	54.95.167.198 54.95.167.198	16509 (AMAZON-02) (AMAZON-02)
11	2404:6800:400... 2404:6800:4004:820::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1	13.32.50.91 13.32.50.91	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
4	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 4	172.105.221.29 172.105.221.29	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	209.58.171.197 209.58.171.197	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
6	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	2600:140b:a80... 2600:140b:a800::17c3:5b8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	103.43.90.114 103.43.90.114	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.251.42.134 142.251.42.134	15169 (GOOGLE) (GOOGLE)
3	34.149.43.113 34.149.43.113	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2a02:fa8:c411... 2a02:fa8:c411:11::730	399104 (CNVR-APAC) (CNVR-APAC)
1 1	2406:da18:929... 2406:da18:929:5a03:1628:90e8:825a:7750	16509 (AMAZON-02) (AMAZON-02)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	23.45.56.26 23.45.56.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	182.22.31.252 182.22.31.252	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1	35.213.187.112 35.213.187.112	15169 (GOOGLE) (GOOGLE)
349	73

1 35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:813::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c03::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81c::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.49.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-123.nrt20.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)

a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com

asset.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efc2 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.194.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.194.227.35.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:b200:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:828::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.47.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-47-187.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-86.nrt20.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:20e4:2400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2404:6800:400a:80a::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.153.170 (Kakegawa, Japan) 2 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.133.60 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-60.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.175.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-40.nrt57.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.86.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-119.nrt12.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2406:2600:4::b (Japan) 4 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.68.5.49 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.40.163 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.95.167.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:820::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.50.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-91.nrt57.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.105.221.29 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:140b:a800::17c3:5b8a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.114 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.134 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.43.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.43.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:c411:11::730 (Amsterdam, Netherlands) 2 redirects

ASN399104 (CNVR-APAC, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:1628:90e8:825a:7750 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.56.26 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-56-26.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.31.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.187.112 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 112.187.213.35.bc.googleusercontent.com

tps-dn-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com	538 KB
50	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 132288 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925 fcm.holmesmind.com — Cisco Umbrella Rank: 210108 fcm2.holmesmind.com — Cisco Umbrella Rank: 154750 c.holmesmind.com — Cisco Umbrella Rank: 107592 m.holmesmind.com — Cisco Umbrella Rank: 190604 ad.holmesmind.com — Cisco Umbrella Rank: 104322	280 KB
49	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	651 KB
27	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-iad3-1.xx.fbcdn.net — Cisco Umbrella Rank: 5250 Failed	554 KB
18	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 bidder.criteo.com — Cisco Umbrella Rank: 776	30 KB
13	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84860 b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net	13 KB
12	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 52931 gocm.c.appier.net — Cisco Umbrella Rank: 2197	2 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	276 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	207 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	143 KB
10	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 tps.doubleverify.com — Cisco Umbrella Rank: 505 tps-dn-ae1.doubleverify.com — Cisco Umbrella Rank: 31611 tpsc-ae1.doubleverify.com	128 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	50 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 116978 storage.reurl.cc — Cisco Umbrella Rank: 432247	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	160 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	194 KB
3	lndata.com cm.lndata.com — Cisco Umbrella Rank: 161265	1 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 38270 go.trvdp.com — Cisco Umbrella Rank: 34674 s.trvdp.com — Cisco Umbrella Rank: 30609	146 KB
3	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133 prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	973 B
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 92120	4 KB
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27502	3 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818	1 KB
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	714 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	515 B
2	re-news.tw storage.re-news.tw asset.re-news.tw	435 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	58 KB
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3260	622 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1381	1 KB
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 7973	233 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	668 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	756 B
1	aralego.com hb.aralego.com — Cisco Umbrella Rank: 30104	170 B
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 27242	595 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	526 B
1	alphaloan.co blog.alphaloan.co	181 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3858	107 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5797	248 KB
1	rayskyinvest.com www.rayskyinvest.com	612 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 534895	12 KB
1	gbyhn.com.tw img.gbyhn.com.tw	509 KB
1	creditcards.com.tw creditcards.com.tw	57 KB
1	racingcharger.tw img.racingcharger.tw	136 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	92 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20760	42 KB
349	55

	Domain	Requested by
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com reurl.cc www.googletagservices.com 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com ad.doubleclick.net
27	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
26	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
25	tpc.googlesyndication.com	reurl.cc a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com googleads.g.doubleclick.net
18	cm.g.doubleclick.net	8 redirects google-bidout-d.openx.net googleads.g.doubleclick.net 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
18	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net www.googletagservices.com pagead2.googlesyndication.com
11	s0.2mdn.net	reurl.cc s0.2mdn.net 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
11	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	static.criteo.net	securepubads.g.doubleclick.net cdn.holmesmind.com reurl.cc static.criteo.net
8	ad2.apx.appier.net	4 redirects reurl.cc
8	gum.criteo.com	4 redirects static.criteo.net
7	www.google.com	1 redirects reurl.cc tpc.googlesyndication.com 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
6	bidder.criteo.com	static.criteo.net
6	ad.holmesmind.com	cdn.holmesmind.com
6	www.facebook.com	reurl.cc static.xx.fbcdn.net
5	c.holmesmind.com	2 redirects cdn.holmesmind.com
5	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com reurl.cc pagead2.googlesyndication.com 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
5	storage.reurl.cc	reurl.cc
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com cdn.doubleverify.com reurl.cc
4	gocm.c.appier.net	4 redirects
4	mug.criteo.com	reurl.cc
4	googleads4.g.doubleclick.net	reurl.cc ad.doubleclick.net
4	us-u.openx.net	1 redirects google-bidout-d.openx.net googleads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
4	connect.facebook.net	storage.reurl.cc connect.facebook.net fcm2.holmesmind.com
3	m.holmesmind.com	cdn.holmesmind.com
3	cm.lndata.com	cdn.holmesmind.com
3	analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	storage.reurl.cc www.google-analytics.com reurl.cc
2	dclk-match.dotomi.com	2 redirects
2	ad.doubleclick.net	5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com www.googletagservices.com
2	5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net	cdn.holmesmind.com reurl.cc
2	prebid-asia.creativecdn.com	cdn.holmesmind.com
2	prebid.scupio.com	cdn.holmesmind.com
2	fcm2.holmesmind.com	cdn.holmesmind.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	tg.socdm.com	2 redirects
2	match.adsrvr.org	2 redirects
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	oajs.openx.net	1 redirects reurl.cc
2	a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.co.jp	reurl.cc
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	cdn.jsdelivr.net	reurl.cc
1	tpsc-ae1.doubleverify.com	cdn.doubleverify.com
1	tps-dn-ae1.doubleverify.com	5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
1	cksync.yahoo.co.jp	5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	dsp.adkernel.com	5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hb.aralego.com	cdn.holmesmind.com
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	s-cs.send.microad.jp	1 redirects
1	go.trvdp.com	cnt.trvdp.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	scontent-iad3-1.xx.fbcdn.net	www.facebook.com
1	blog.alphaloan.co	reurl.cc
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	asset.re-news.tw	reurl.cc
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	storage.re-news.tw	storage.reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
1	reurl.cc
349	89

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-12-10` - `2024-03-09`	3 months	crt.sh
anymind360.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
asset.re-news.tw GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
img.racingcharger.tw cPanel, Inc. Certification Authority	`2023-10-22` - `2024-01-20`	3 months	crt.sh
tls.automattic.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.prnasia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-24`	a year	crt.sh
*.rayskyinvest.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-03` - `2024-01-30`	6 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-09` - `2024-12-09`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh

This page contains 45 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 94DFB5DE0395F5FE12ED0D8AD263D165
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: D2F99011AADADA4B8B843679B04016B4
Requests: 40 HTTP requests in this frame

Frame: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FEDF74EE8255E3D5E15A60AFB1F35CF3
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F1BE1FA24AE14FE2E023EDAF609047A8
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszLco-Ehbfb31Jb2hesj9YD0dupMEq5HDwNd9QqaAUFou7LCGRXkEQXUCFYkRr-2QoyIqBMCu1PwBONcWzD0MgjRSBUYZBklJkPdec0qGxtptuiO6SDGGtWG0ETAt9n8af4p8NqV0WQnpFoHHZdOf8TyA3bK9Kw-OhHVJVlkgAN-ettmAygrLbUDJHgON3rZ3z5MHcZqJbPC-bDcdMlahVXgIAe5OtP9Ccf8dPauKfOHBT07cAPGBm6cMKXIuwpekO_B-9lptxL1hOxgVZb1oLUBQq30bJ63yVTduXnJuS1TUY9YIouzMUxKwueuzNwFifRUb3Ub9z-P1m3s0kebyYNkYucFgpZ4Lw2itDt5ZiEPgcfnfulJtbxXT6lwNbxFJcGecJGA&sai=AMfl-YSfhb05Sy6Gvs9xNP4SQAt3Uvd2GO0-umQEdM5J17KKUNz5oyktHho4Q_r68ryNOMB15vE5h3xJQCuK5ly0xhrhvx7BqQhvRyNfowweSBWYLLuZf1gq_Zsu3lIuV4SZu2Xbk1Ueue2jXaDLQxgr4YrV&sig=Cg0ArKJSzNOU2eJTSoUJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: B5853049159BCFB04E2BE9ADA3C5A32C
Requests: 6 HTTP requests in this frame

Frame: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E196E26F174BC3BC0061C87B18177E02
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFd117gdbzqGTpHj67z9pjCjFkbxYXonizqh7VgW5E26KNhcMGuiEBCgB7SxUv-_Ht4bxwuElN861mE_MP1Kw7g05DMk5jSwL1rWokSXBGuHz-Zfy6yKBHMoYjMFZi5LkUSTMaI8sDOJS9n4uvIFEvBIezu1K-rWK9ZjXmp7lb7L-EkXnUSop5PbYJKNx3cCVVHNrkGVCU5PLWeNLOjQ-IVdh3OjDiPtwy0Ql0riuiZC0qwFZtMxm6qQ23WhzWA-nY7qHilfz51L2M90uKEXnO7niq_g6loEc0HOt0z5vb-kgdkqlv2FsuR6WtYIZeUpW3Vv7c6zW4FnvhpahTnKrKtjKWO1sWOeFBnfKovYBe0Wma8ZrDUfnx8uUX8kZIAOOn2MJ9nOYeRtc&sai=AMfl-YTQlVcO0p6msmxUkmHD9nbEc2utpDY1CpEU5zH3Bnzsr5gZpmLh8F6EytfxClRAod969UoUdM33zLB8WrmEn7CCJVL3XptFdE5rTaIQ1y69mcMsURSCvoXAbHAxlLbpwUKk9MOtC-qCvcMy5I2WFRqD&sig=Cg0ArKJSzK_CLN0zglAsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D26B4AF8DD7DB99915D779B285CBC9CC
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: E03003520DD9195898928F23C0008277
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupPQ3p_xFZEhfekEzAQUaKJdopsdWzti-jpW1YBYOH5mas1rGCgBrfZDp9IkXRsY7fqzNDwa65OSkMomS9Pz_z5ZU8zVopPX0DL8cvRYWAa06-NOEVNDSHFr-uZUtDscCx30dAbkkAogFmhJ3UVeHHZrFtNLiOnFr3Bj_gLL_kLAeXZYE-R8RaUBOogDiHWHMVWXcMMyGho1rfBMr36uocPBendwCLillUdJnsSSdMIOfIIKP-l7uTRbgJqSCtXM3ApzoEjqQOeWdQIAOkoB0-AV78YkNIsJ3zhmUY4-lhXnFwTPODjPFi1Zr1Lo0AOslpmPxp-76SSJB6Y0o0amJlQcnX6efb4csxh0udu3GII3VAEzFmtYlX2gp7tMKf6UAYOQCN8SZ16ww&sai=AMfl-YT39VJGgPhvAg-R-f08TAATU6_QG4NFFJL_jlhc43TZ0DedjDYrIJoZeDCO2KUj8AZU_OeQB_8Ne9n_JhTJsDriqFjBg8ku6EczqhFNlGSs3xbL5rI5oQDqZFpRGqv523sK15WGARlggaMsGivOEoP7&sig=Cg0ArKJSzJ8WkPzxjSrnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F5B152D1F338665957E6C5744875BC81
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEOrh7YsEGIfUuIACMAE&v=APEucNXPowYjTdMouP3nknE5O9VHxNIdbuau3E5XUCfwhnsCpxBSXAx8ubyAbckNqfBq4y-bkd3TLw3_m1tp82HwWVWI7-bBPQ
Frame ID: 3A9C67A95A0F9AE242265F3E6EC31A67
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 95882D58963EB6E92166EE53070AF3F4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 0B34475DE8900833E2DDC2C06DC06484
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 673EA40AFBC5D1D71DC8D175DBDED5C4
Requests: 23 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: BF1069239050E56067F220C6D27B5EE1
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 35FC51BAA312DB55F4F93E962ED9000F
Requests: 16 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: CEE1C3A61E24FDBDE164ED16EAC25F25
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: E0277F4F9F4F85E2C27A68DE522268DE
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: A45900E8718F3823273E82779FC94CAF
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 5F968B82A1E94067186A144880D5DEA6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BB0919774847ECEF9B191CE5E0D8384D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
Frame ID: A1841E3DB82EA01642A3D8656917835A
Requests: 9 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702376304&level=0
Frame ID: A641A304EF4C7BCD5362E3CF4A8564E6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A5BDE75F59BC07FAA0486B54B7ECB207
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 17D021E26AEBB9E1E5EC7DF59F2F44EB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Frame ID: 10385A0E85F416A2C4AC125BD8321ABC
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 510800059958F74971291DE29057125E
Requests: 21 HTTP requests in this frame

Frame: https://ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: B82E38D64108966D359A7B54658AB9F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80C3FB83B18242A8F78664E5B7453B9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF8B84151A455718FD99D18975D4E341
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 6C3B855B7777D88AA4BC030B6027CCF8
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0315E72ECE1366F5DC45B751145EB415
Requests: 6 HTTP requests in this frame

Frame: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 34742B98FC92E66870148F4063F4E814
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2DB05BCB9008625E61CB8322063E057E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32F68CD554719B3E241BB4E51B3AFC02
Requests: 2 HTTP requests in this frame

Frame: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: BFC87431332A44B221B94D92FCA05AD2
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIY58LR6QEwAQ&v=APEucNX4PnaZACsYjpXU3SfUn8PXhjIqnU7mgt1IgDZUF29AzcGl1EqZcRGASuc97blF5vl7TgMdKs2bAuJoQ09M7b00aa2QQg
Frame ID: 065B60E5BFF68D1157A9B758C5848C8D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2F402527226FE95CE6E85B7B70782BD0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BC43E1660E18CF9124535110E662381B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5125.js
Frame ID: 8298A4BBBB81267E272280F49A201EEB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88946E44B232CF12D91BB2CB15F678CA
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 29D2DCCF0F494CC1271643E904D957A9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: A1069AEA88DF89C117D69CAAAB8948F2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 13F8324AACBA4A092163BD91368C4211
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2F6960550C2C8E07C20AAD56A10E59D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 327B1D98F78954CEE8F8CA23302BEABB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

349
Requests

89 %
HTTPS

37 %
IPv6

55
Domains

89
Subdomains

73
IPs

7
Countries

5981 kB
Transfer

13156 kB
Size

62
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/155

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/45394

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/233018

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/53342

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4288927_XG88927_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/111057

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/6529021929c8b98fa9eb5390

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/21512

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://www.comptw.com/
Title: 台灣公司查詢網

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

Request Chain 97

https://match.adsrvr.org/track/cmf/openx?oxid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=25022a30-8efc-4e5f-8757-6eed4e5bb110&ttd_puid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0&gdpr_consent=

Request Chain 98

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgzbsCo8XYAALgpyhkAAAAA

Request Chain 99

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbFJRjFwWM5Tks8AEDxkC4eRVs8AAAGMXYjoZw

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1&C=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgzbpgZYJZIwfjOOHlm0QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1

Request Chain 144

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1

Request Chain 148

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1

Request Chain 179

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jFyFdnxpaTEzekNhSlN0aXltZDJUUjFaUkN0ZHFZekpaOFpsTkxnc0Uwc3JvVlk3WGRJU1F1MUQzaFgzK2hJU3hoMm9JVDUrTzRlc20xYzFlWFBvUEpNdDAvS3p3VFAvSTBCcU1pVTJTdU15c0t2S0xIRXVHdmh3aTlnS0IrVy9yS1BMakt0QUE0bjdHWjZqM0o0cWNuUGlMcjdaVi80cHR0UWtpTmxMV1ZhSk8ycjRxOE9rNWszSFRTLzZpd2JJbTFVM1UwVkJxa1J0TjF6WHVDVU9CSTc5WUJQR0lSZVgvbytNaE1kd3o0Nytnekw2bVcrU0E1cnpqdVZNZGtRQWxIOURVbHVNSlJnV0w2WE54YVNGRUc2Zmdmdz09fA&cppv=2

Request Chain 195

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=D38PMy1yAsGXtXZkcDN4ZQ

Request Chain 196

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1

Request Chain 239

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ

Request Chain 240

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENVQFcj59CfvmUSGvJ0PwFU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENVQFcj59CfvmUSGvJ0PwFU%26google_cver%3D1

Request Chain 296

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1NDQwNDYxNjcyMTQ3NTgwNg%3D%3D

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1

Request Chain 298

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTlmYWZlMTgtZWRiOS0yOGQ5LWY5YzQtMTJmYWVmZWIwODI1

Request Chain 324

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_cver=1&google_push=AXcoOmQFZ75xb9H079NEWZBmNgQ0fc0iTxMvL8eOG_QFDON82wOix4aPetYMQazsUJ5lROXxgTd0d_jCp822QPGibz3ceSMYwi6TT1WXZR1bTsd-WtXnwuflzGGDkm7u9wtrgOG-EDWn-1PzcqpQV-Dh-PA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=488b6115efc2215&is_secure=true&networkId=14000&version=1&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_cver=1&google_push=AXcoOmQFZ75xb9H079NEWZBmNgQ0fc0iTxMvL8eOG_QFDON82wOix4aPetYMQazsUJ5lROXxgTd0d_jCp822QPGibz3ceSMYwi6TT1WXZR1bTsd-WtXnwuflzGGDkm7u9wtrgOG-EDWn-1PzcqpQV-Dh-PA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TPoe6v7gMLcaftAAAAAAA&expiration=1702462707&google_cver=1&is_secure=true&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_push=AXcoOmQFZ75xb9H079NEWZBmNgQ0fc0iTxMvL8eOG_QFDON82wOix4aPetYMQazsUJ5lROXxgTd0d_jCp822QPGibz3ceSMYwi6TT1WXZR1bTsd-WtXnwuflzGGDkm7u9wtrgOG-EDWn-1PzcqpQV-Dh-PA

Request Chain 325

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEfjrieVxWVeaQZ8bKoSECg&google_cver=1&google_push=AXcoOmRGZ_xiVgzIpuj8hiLurUbjWoWZIc3CW4O7DJhX0hxZ1UFhA9Vc52HqIQRPK5FsnIOITb9RB9YSkEaaIhwxZEcD7GbTOIAyrKEhWAUNgc2cvvLg1YH-eIjrkFM2HnwYBJNIpyfKOIraHJdFubEsrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZ_xiVgzIpuj8hiLurUbjWoWZIc3CW4O7DJhX0hxZ1UFhA9Vc52HqIQRPK5FsnIOITb9RB9YSkEaaIhwxZEcD7GbTOIAyrKEhWAUNgc2cvvLg1YH-eIjrkFM2HnwYBJNIpyfKOIraHJdFubEsrA&google_hm=eS13WDUxZUdKRTJwR1JCa1luV0xYa1RqYkljSjJuNG8weH5B

Request Chain 326

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN0SwdrjAYLgodpxB7rsOTk&google_cver=1&google_push=AXcoOmSWy4HJAjv-oS51chKTqUBxt-gDqKrS1VikOo16sCQx0_KG9z4plkY44CUiAN5Nc1Yqp8QHSiFDpCYD39tBDRIWFDVY_ZPys04Fb5aNDvnkl3ITOHqlWwRICv_oMNt6zikNj9VhezpYWnrGWilJdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNldESEQtMjctR0oxQQ==&google_push=AXcoOmSWy4HJAjv-oS51chKTqUBxt-gDqKrS1VikOo16sCQx0_KG9z4plkY44CUiAN5Nc1Yqp8QHSiFDpCYD39tBDRIWFDVY_ZPys04Fb5aNDvnkl3ITOHqlWwRICv_oMNt6zikNj9VhezpYWnrGWilJdw

Request Chain 328

https://cs.media.net/cksync?type=g&google_gid=CAESELshdkx25YtPwV9qQ15GZ2I&google_cver=1&google_push=AXcoOmQQHxHRutHofM1MLOQC50ukSv4xpfOH92dmvP7eldJQ1nr6CQ2rev7t7kzArAZz38fDa1ETfcfOeFAIR5-og7UN6bI0EeimFuWCN6wA3lYOgdYV4NmAh65urLS-wA7pgsfedGTyYFHwy5j7ZbPBtKI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQQHxHRutHofM1MLOQC50ukSv4xpfOH92dmvP7eldJQ1nr6CQ2rev7t7kzArAZz38fDa1ETfcfOeFAIR5-og7UN6bI0EeimFuWCN6wA3lYOgdYV4NmAh65urLS-wA7pgsfedGTyYFHwy5j7ZbPBtKI&gdpr=&gdpr_consent=

Request Chain 329

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECgi4-b9qrfCqa3417k-ceI&google_cver=1&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFhwNrS_iNcnQf8Pwt6VjejB_oojzixjQHaIgBbB98oUwN3OSVJeeKWMCzgZENV6VDPoM5-CDtknm1qWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFhwNrS_iNcnQf8Pwt6VjejB_oojzixjQHaIgBbB98oUwN3OSVJeeKWMCzgZENV6VDPoM5-CDtknm1qWg&google_hm=WlhnemNzQ284WFlBQUxncHpVb0FBQUFB

Request Chain 348

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aGlXZ2RqZUJQYmZqMHhjN2FpYmhRUW0lMkY5YiUyRkdRN1RyeU5DajBDd0hJZ3RpZk5Xa2lwVzQyR1Z3S3FGdjRwUFJNamliRkUxcHFGOFEyNzhHV012SmZ3TnJqNW1MSlMwNkhiQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=W3sgNnx6dmYvOXhyVm14UGJVekxUU1pmaG5yYVR1YUVOdUZ5QlBwWm1ydjgwTTZkZ0J5WUhxN1FSU0QzbmErQW0xTUJCOEhKTTN3SldBRnZBNHdXZ216dVZ6bW9rMEhuZVJXVnFYSkNHendhT0pHa0NoU1Qzb0I2TFAyOTZmM3ZzbWc4WnpKT0YxaGR0aGplcFJ5aFdVU0N5QUJRNFdoYW1LL1BncVlmdStpWGJiQmR4SGFUUktGODFvT3JsRWtrTFhkR3hSeHJyRzE3dlhTNTVrdkJMcjZUNkNCcXZtMUhZYlpTb0V1NVV0K2lFbWtRT2U5aGxRSWpjTlBURlFnekMzM0NSOXZkRkl2TDVYL01SenR2NWNVWXUwcFNvaUlYMTBvMUdYUDNkUEsvRG9GWT18&cppv=2

Request Chain 349

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aGlXZ2RqZUJQYmZqMHhjN2FpYmhRUW0lMkY5YiUyRkdRN1RyeU5DajBDd0hJZ3RpZk5Xa2lwVzQyR1Z3S3FGdjRwUFJNamliRkUxcHFGOFEyNzhHV012SmZ3TnJqNW1MSlMwNkhiQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_Q0XAXxtWUQ3OGVka3Z5cFRVOXhqNXNsSzJYaGFpem5hZGFYVDcxd3E1YVp4bFNKNGRpWHl0MG5kRHRwZU0wWmsxK2ZENlRlSnRHcjFmZHdoZHZhTXZxWDRmVlZ4THl4R0tqRDdvdklCb1RERksrU1ZEamJRZHRud2lHekZjQy94MjlySkJGL1BtZTRSZjMzeW9RcDI5dE9pQ0NKcUdFZHpOTzRQWEgvUGk2VVhxUGt2S28wQVlsNU1KaGk2Y2cyb2pnRGM5QTFoTWFGc2ltQkdqMEMvcm0vU0RXT0V0RG1EYkk2dWE1VXFMdVBGcWZkclNhTG9JWG9GM3BocnFnTWJ2MTlnWG45Q0JnQ04rbUQ1aWd2Z3dOTG9UZXV4K2FIU1grQTF0U1dNWGtJaWVIST18&cppv=2

Request Chain 350

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aGlXZ2RqZUJQYmZqMHhjN2FpYmhRUW0lMkY5YiUyRkdRN1RyeU5DajBDd0hJZ3RpZk5Xa2lwVzQyR1Z3S3FGdjRwUFJNamliRkUxcHFGOFEyNzhHV012SmZ3TnJqNW1MSlMwNkhiQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ptEkFXxPb3U0RkpnVHF4VzlCNDRIVUs3dkF3WnQ5bkcyMllpclUveDAwU2Npa1duZURGMVhyTjdDZmtRNGZMSGFTQ2FoWWhzSFAwWjhTckcrN1phaDRVWmE4Tlo3aEkxVUJDb0JBMndFUEdNQjNjaWlZelowUy9SenVqUFhUOHpZUldVYmZrbWlodGZqQ0FtUTA3WFV0Rnl0elBHMGdYT2hyYklWb2RRblFaZ0pjb3JsOU5IMWFCOFZGcnM4RnZnWXdyQXVTK2wwSzAxb1lObjVjQktUdmJkeGZodyt4NUo1MlRIWTlEREZnLzJlK1FGYUYxM21jc3FLVjVieWFhaFZPY2xVRWNPQUZMdEFnaC9tdnQ3ZG5OdVpmWGNreHhhL0Fta2JVTndFdTVyS25pVT18&cppv=2

349 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gaOWLp Show response
reurl.cc/ 9 KB
3 KB 200ms
50ms Document
text/html 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 354a8c772ee54f0794768cda3d1634463ee1cc620fb7dbc96bd0dde2fb2b2884

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 10:18:21 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
target: https://cla2.cn/SpY
vary: Accept-Encoding Origin
x-request-id: 789bd9ba-c798-4cf2-bec8-8de6c119c886

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
26 KB 17ms
2ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 10:18:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4162667
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700038-NRT
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 65ms
6ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:07:31 GMT
content-encoding: gzip
via: 1.1 google
age: 7850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-request-id: c5eb30f6-f6bc-4447-af83-ed3f194b4049
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 178 KB
42 KB 12ms
2ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fa838177ca10bab53b29da1d0f8de3070a4c650ee4decff5b6ecefa4e62a5727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 12 Dec 2023 08:20:28 GMT
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 7073
x-guploader-uploadid: ABPtcPpHQAVxCI8ETnodggnNUSSqPQssXPpZmZ_jGEBIWNK4v4v7aW8eIK4-yOXFT-1zz62hy6IS_5Zd8g
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42522
x-served-by: cache-tyo11954-TYO, cache-nrt-rjtf7700039-NRT
last-modified: Tue, 12 Dec 2023 08:20:28 GMT
server: UploadServer
x-timer: S1702376302.635661,VS0,VE0
etag: "26ffa344cc01915e1eb16ac4ac52de7d"
vary: Accept-Encoding
x-goog-generation: 1702369228391335
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=jGNN6g==, md5=Jv+jRMwBkV4esWrErFLefQ==
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 42522
accept-ranges: bytes
x-cache-hits: 1, 19

GET
H2 200 pixel.js Show response
storage.reurl.cc/javascripts/ 429 B
524 B 5ms
3ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:50:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 26882
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-request-id: cd26f28e-255c-42e5-8d7a-e1f439cce608

GET
H2 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
637 B 3ms
3ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:16:25 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 18116
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 536
x-request-id: 3a64b517-3194-49f9-bdaa-14adbee5ebfd

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 84ms
43ms Script
application/javascript 2404:6800:4004:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3f88aff30bbf3ef655fbe0e8ec14e0f9a6d7eb8c61ee1d1bfc78d56e6515df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 10:18:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 112ms
68ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe8525e548365fa0470fc7e4bc895a0797864161112b2a5561ea911438b293b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29430
x-xss-protection: 0
server: cafe
etag: 108 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:21 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 16ms
2ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 10:18:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6685680
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700038-NRT
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
504 B 103ms
44ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 0
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-request-id: 04494fd3-a76b-4307-9892-d0bf990a7bfb

GET
H2 200 loading.js Show response
storage.reurl.cc/javascripts/ 134 B
253 B 65ms
6ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:55:04 GMT
content-encoding: gzip
via: 1.1 google
age: 22997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-request-id: 6591d63c-233e-41c0-8666-04260bf6a751
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame D2F9 94 KB
26 KB 223ms
215ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e4cd86f53f4cea6ee3cebed2d7702255d8b1a0330be9271f1cdd124c92ef450

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:21 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: vfdql+THaqacqtCxepPvQ+EFWKx1oHpuWjSwoOXJCH56ZaIdTwqI6/3Zko1egkRc8M2JjG2D18rm+eU8FMigdQ==
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 11ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 10:18:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8hTmTD0yxIkJ6JPr4/wbUIEJ/HJMCUvyigw5IyQH+8Qo1My2uRi/Ing3GU1FEtATYwCRuqFbdzyhbBxlj9ktHw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 44ms
2ms Script
text/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 08:42:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5732
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 10:42:49 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 155ms
46ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: ea75147436a6b5a51c64c3be82d1c848b32d1758611ccd54ab7e6de10d833b97

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1d1b-WayFEa5wMG0UZEMyskOyYZ1Pabc"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7451

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 126 KB
33 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 10:18:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33827
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cj4uik8F6ZyeKdeLPahNINPuBk2WkVrpn6xV33X+5vUra2fO+4CvhQnDvmtHa3ueeALI1+Qn01sCfdmzRbGd6A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 3ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702376301770&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702376301767.63346964&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702376301752&coo=false&cs_cc=1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 10:18:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 44ms
43ms XHR
text/plain 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=133622509&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2089015063&gjid=483517135&cid=197797429.1702376302&tid=UA-102456694-1&_gid=2052360573.1702376302&_r=1&_slc=1&z=998712681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 2ms
2ms Image
image/gif 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=133622509&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNzI&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=197797429.1702376302&tid=UA-102456694-1&_gid=2052360573.1702376302&z=953356693

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 20:42:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48963
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 3ms
2ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37794
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 142ms
46ms XHR
text/plain 2404:6800:4008:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=197797429.1702376302&jid=2089015063&gjid=483517135&_gid=2052360573.1702376302&_u=IEBAAEAAAAAAACAAI~&z=2137740349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c03::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Dec 2023 10:18:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 132ms
38ms Ping
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702376301696&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=197797429.1702376302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702376301&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=449
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 107ms
46ms Ping
text/plain 2404:6800:4008:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=197797429.1702376302&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c03::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 90ms
44ms Image
image/gif 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=197797429.1702376302&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=2127002005

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 575ms
285ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Dec 2023 10:18:22 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 37ms
16ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 389379
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8345390f1f556849-NRT
expires: Fri, 15 Dec 2023 10:18:21 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 19ms
4ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:36:08 GMT
content-encoding: gzip
age: 546133
x-guploader-uploadid: ABPtcPrzhqbhZjv7bM7br6pJ3NIIBiH5qc7wUBgq3yOYccE07JrMSAq2kZcEsqZhQF1n9T1NUiO83Jney5Y5WBSegqoRWA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 02:36:08 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 252ms
241ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 2e0751f2a8e97f238dca2236523acc2a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 79ms
3ms Script
text/javascript 13.35.49.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.49.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-49-123.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:44:42 GMT
content-encoding: gzip
via: 1.1 98ad3b0157ad734930c74fb6551aa14e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 56691
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: r7ZGnYoLoYUaavWXM_rKAuLmFOMhzgFKdQQ5s26tfUlg5UOx_0SMzQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 143 KB
33 KB 405ms
404ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1170363582578810&correlator=3516150224642982&eid=31077978%2C31080078%2C31080129%2C44807690&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702376301908&lmt=1702376301&adxs=245%2C1005%2C245%2C625&adys=455%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=197797429.1702376302&ga_sid=1702376302&ga_hid=133622509&ga_fc=true&dlt=1702376301623&idt=254&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e5168f44d3bf94e4cfa28c017cafa204601234d2c0f1ba260edc4d90252c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34009
x-xss-protection: 0
google-lineitem-id: -1,6298588766,-1,6297900949
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138432380934,-1,138432357881
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 364ms
363ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1170363582578810&correlator=3516150224642982&eid=31077978%2C31080078%2C31080129%2C44807690&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702376301916&lmt=1702376301&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=197797429.1702376302&ga_sid=1702376302&ga_hid=133622509&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0cqj7MUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjRyqPsxTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0cqj7MUxSABSAghkEhcKCHJ0YmhvdXNlGNHKo-zFMUgAUgIIZBIUCgVvcGVueBjRyqPsxTFIAFICCGQ.&dlt=1702376301623&idt=254&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3424a152479aee7ab4e7585f9c8305b4722391899e9d6233274ea865f772debd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12503
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FEDF 6 KB
3 KB 199ms
47ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:22 GMT
expires: Wed, 11 Dec 2024 10:18:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mocpogo_01.jpg
asset.re-news.tw/images/ 427 KB
428 KB 327ms
5ms Image
image/jpeg 34.117.23.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.23.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:27:56 GMT
via: 1.1 google
age: 3026
x-guploader-uploadid: ABPtcPpAreQEhVnf1EX3ND3kULHCR_qxQZKVAW4K1nz5rpLbmk7ER5FJjMOvAXmlLbN4rDKsMNj151_Oeax9XvZTK6PvqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437364
last-modified: Wed, 18 Oct 2023 12:58:27 GMT
server: UploadServer
etag: "2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation: 1697633907721269
x-goog-hash: crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type: image/jpeg
cache-control: public,max-age=3600
x-goog-stored-content-length: 437364
accept-ranges: bytes

GET
H2 200 2023121204263472.jpg
img.racingcharger.tw/wp-content/uploads/ 136 KB
136 KB 352ms
147ms Image
image/jpeg 61.216.47.122
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023121204263472.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-216-47-122.hinet-ip.hinet.net
Software: Apache /
Resource Hash: 236858260a5b5a35991c9255afe177bdc456c017efd8edffbfa707662484987f

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
last-modified: Tue, 12 Dec 2023 04:26:38 GMT
server: Apache
accept-ranges: bytes
content-length: 139591
content-type: image/jpeg

GET
H2 200 2023-%E5%AE%B6%E6%A8%82%E7%A6%8F%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/05/ 56 KB
57 KB 503ms
132ms Image
image/webp 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/05/2023-%E5%AE%B6%E6%A8%82%E7%A6%8F%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c3407b0f863ae7b317fe7d42783fa6fae9b38e3de51ba4fe7886cab5f0eac8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.nrt _atomic_bur BYPASS
content-length: 57830
x-nc: HIT bur 2
last-modified: Wed, 29 Nov 2023 05:08:04 GMT
server: nginx
etag: "2b3f904a1714b337"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Fri, 28 Nov 2025 17:08:04 GMT

GET
H2 200 1702300951-62822785f71b9d22e467747a7505fc98-840x525.png
img.gbyhn.com.tw/2023/12/ 508 KB
509 KB 151ms
11ms Image
image/png 2606:4700:3034::6815:6009
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/12/1702300951-62822785f71b9d22e467747a7505fc98-840x525.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ae91e390e5e2738143bfe09cfdd67f215aa3d7ed025ca8e0bb2fb1f18f2ea3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73013
alt-svc: h3=":443"; ma=86400
content-length: 520165
last-modified: Mon, 11 Dec 2023 13:22:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow71Q5aUwOFM7rgFAhjpfuZLJ89kqp50TPz%2Bv2wR%2BfAtNRde4cTYbfwQK%2BERTOyS3vFzN60snyXd2t1cGS4OBAUgOejwoJk4UVX6z%2FK%2BlqAg%2BTJtevHJbf5CxjQr%2BTbRbjrnhHYw4M7jMF2wosO0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 834539101ec434ed-NRT
expires: Mon, 18 Dec 2023 13:23:35 GMT

GET
H2 200 Azentio_Logo.jpg
mma.prnasia.com/media2/1978771/ 11 KB
12 KB 26ms
13ms Image
image/jpeg 2606:4700::6811:efc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1978771/Azentio_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:efc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4ec7e2cdfaf63939b2388677506d602546be7d1a21a55e8ab672d34cbe6ea80f

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
cf-cache-status: HIT
age: 10662
x-powered-by: ASP.NET
server-timing: intid;desc=8ea374c933244cef
content-length: 11597
cf-bgj: h2pri
last-modified: Tue, 12 Dec 2023 07:09:28 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 8345390f5a2c8a4a-NRT
access-control-allow-headers: Content-Type
expires: Tue, 12 Dec 2023 07:09:29 GMT

GET
H2 200 %E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 612 KB
612 KB 176ms
3ms Image
image/png 35.227.194.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.194.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.194.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 12 Dec 2023 10:18:22 GMT
expires: Wed, 11 Dec 2024 10:06:40 GMT
last-modified: Sat, 02 Dec 2023 07:13:09 GMT
server: nginx
etag: "656ad905-98e3b"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 626235
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 248 KB
248 KB 40ms
11ms Image
image/png 2600:9000:20c4:b200:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c4:b200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-seen-by: image-manipulator-7c76496fbd-bz6ff
date: Fri, 13 Oct 2023 11:18:20 GMT
via: 1.1 google, 1.1 64618c6fa2df73b8c6d133461d99921a.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: NRT57-C2
age: 5180401
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fV97Ln-HYl0e2hdgIqagRrCIy-OVx0sGPofx3ARiEl174fIvOXsb5A==
content-length: 253615
wix-tracer: 2WhrxaKwv8p2lJNwgKmnBT7r70v

GET
H2 200 2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 107 KB
107 KB 11ms
2ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109448
x-nc: HIT nrt 8
last-modified: Fri, 13 Oct 2023 09:02:46 GMT
server: nginx
etag: "ab5b506272fb167b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires: Sun, 12 Oct 2025 21:02:46 GMT

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 235ms
220ms Image
image/jpeg 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
strict-transport-security: max-age=31536000
x-ac: 3.nrt _atomic_bur BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Tue, 19 Dec 2023 10:18:22 GMT

GET
H2 200 nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/ Frame D2F9 20 KB
6 KB 13ms
5ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

990706829aa2bca47e97f5e8968b4cf8841c7c54c2ca26deb6be90dd62fc9310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nDPW/+31tCvFJ038ft3H3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5201
reporting-endpoints
x-fb-debug: U2Jl1SDQkdVo2P8ZsYj40aw5xkRvsMeWF+KvGIKsvU0ErKPiB6BS+EbsimiO8tTTf8mKTlgPSmBJyIFbcue89g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:12:55 GMT

GET
H2 200 V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame D2F9 33 KB
7 KB 14ms
6ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mEms5HNO4RW/YAm2lY0J/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6478
reporting-endpoints
x-fb-debug: l5RQhyVd8URxzkkmUrIhL+M56zEKkSZ0id7WmGRMbRXrJTsAJE2/YNv19SA89mg3EZ6VqCHNVElAs6c/IMAp4w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 23:18:01 GMT

GET
H2 200 n8fbfpzliiN.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,ja_JP/ Frame D2F9 22 KB
6 KB 14ms
5ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,ja_JP/n8fbfpzliiN.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

467bfa0c05c4624a5c44c7816b3ea9aa6c19a620bc1ccf49e9886cdbe9fe29b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DpspPYs5jkSJniY1XIonrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5130
reporting-endpoints
x-fb-debug: 92Jr0H8Z1SJ3fRqGG1YlBuy635ImOqJ2dWCo4+Z9TUQqQ3bGxjkws7HuyF7Wq1bzmuvaP2H+Xg5qHb9Z0fSbEw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:50:50 GMT

GET
H2 200 NV8BoM1XChV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame D2F9 354 KB
92 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74293afa95dcbd91642f02400175667775e99f363ad58444d7463670f89797ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZP2pL7dD2RKnTtIQsIhLQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93737
reporting-endpoints
x-fb-debug: 5kp83pn0S0VMalOEVe/AHgQeJfL6/sMBriwW2Kx2IYFOihKOsISZBrp1vZgtUWkIlAIX6IV4ue0iOOAIfZwjNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 00:29:41 GMT

GET
H2 200 1Qpe6hO2Mv9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame D2F9 93 KB
27 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/1Qpe6hO2Mv9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7a230951774a1e4124863cab4f66f6660313eb167e4a09749a8f04082750abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LJZxppjxNZMWGI/Nv17hSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27010
reporting-endpoints
x-fb-debug: Lqn/03cBK53oj51asbx9+cfMSTKfIqZVBL4WME8Fq+YtHaL76z2aEudFu2YQCQ1KXKwJ7Jj/dXvHD7ZthUCuDw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 04:03:46 GMT

GET
H2 200 z0xXpo6n_z5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame D2F9 6 KB
2 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/z0xXpo6n_z5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c9a1bcd3d8193197c2b2b66dd5cb5ac0f6c5d7df46302f84fa27d1c61639a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Jo5qS84ypYHZRPwP67qqtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1978
reporting-endpoints
x-fb-debug: PljRhjU28A5hpB3VuTKN5WYya2rwidJcJGzyic/4g0MyxInXw4mozKte+IknsrSobImz8ajCd97kSRNmEYUJbg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 04:03:46 GMT

GET
H2 200 Zo2PjKxcrx9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame D2F9 52 KB
17 KB 15ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zo2PjKxcrx9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b82fdbc474d8380a69fa34d303b8af0df698743e7c2d7f6d919c90d06c6279f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ro0k8YNBji3WOW+c8veBZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16922
reporting-endpoints
x-fb-debug: LcieeLk3T4DYaB/YSQe2zygWQ/bNWS8K492gxHv9iH5ifgMJ4JUZPTc4ljCwik4YobNnN1r3WGjCH1tFFGkFuw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 10 Dec 2024 21:53:10 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D2F9 507 B
517 B 13ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:53:20 GMT

GET
H2 200 3mr-_N1X4DO.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/ Frame D2F9 28 KB
8 KB 19ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/3mr-_N1X4DO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mjvZ5joGpic7fey1cr75Fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7933
reporting-endpoints
x-fb-debug: RMhFp29+mLdtErZTVaPfXK7HCyxzOzmvYuec8+MY32QrhmD4371adVgFGPuSYWtE6FXbq4Qkk8/en0SdL9EBAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 02:32:00 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame D2F9 71 KB
20 KB 18ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: phAMyoOpvbhoet00DvMWkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20298
reporting-endpoints
x-fb-debug: V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:19:01 GMT

GET
H2 200 1eTSsVqlWLK.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUOk4/yD/l/ja_JP/ Frame D2F9 348 KB
82 KB 18ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/yD/l/ja_JP/1eTSsVqlWLK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a94199168409e1a324f541a1c9e80dea86b0fa9d7d4355c829cede7f43881006

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BJBB7jQaT+0Y9P92eEhpJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83390
reporting-endpoints
x-fb-debug: nWuaUXA+GHtaVfLTz+juEjIHCTv6Mx8d3fJz5nvBMDuSkWDOdeptEnHUWR7fnx05FbmXTthP4uq93A2hafbCrQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 02:12:35 GMT

GET
H2 200 TioQWlTZ3BG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame D2F9 397 KB
94 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95634
reporting-endpoints
x-fb-debug: oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:24:12 GMT

GET
H2 200 2JkHYEDy4IG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yI/l/ja_JP/ Frame D2F9 57 KB
18 KB 18ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yI/l/ja_JP/2JkHYEDy4IG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4befa326b38f0fc61c5227c39caef6044e3e60579c2dd48d814b20d1d5011740

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hTobmuXUVEWLgveC+RKcRw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17838
reporting-endpoints
x-fb-debug: ZhkN+D2N4uBM89z1l7tkIeH13C71yFH9XiX3HHNuVn5dWZRMs77Agas6W0W6+OIJLOqBTanxkRol3wE6YNR+tQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 02:12:27 GMT

GET
H2 200 gpyCFiQlHow.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame D2F9 209 KB
60 KB 18ms
12ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/gpyCFiQlHow.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77346cbb67be753c266961545d64638a6bd8771c1031ff30846e36fba0b786f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: p9SjMX5ibKDqk9MOqWYI2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 61034
reporting-endpoints
x-fb-debug: E1Beq8cmZd2HUb1Bnhi2ZpgA0jIBj/j+UL42G3Qo66vtoDBXhW5sVGB/feYhwDMj707Fs8XwOoLJcR38dTmHQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 02:12:26 GMT

GET
H2 200 EjdAug5mQIB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame D2F9 28 KB
7 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QpoZNtNrb1RRm+1fPhnrPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7378
reporting-endpoints
x-fb-debug: UMVcWdPvWlAWKVQrbcCoxN+kSDryNg+CAbPilhMPMb8w/8dBgo3amCwilMUy7yqpMUtxKqPsaicPCSrOvnCjDA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 10 Dec 2024 06:33:46 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame D2F9 55 KB
15 KB 14ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 19:20:18 GMT

GET 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame D2F9 0
0

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame D2F9 1 KB
2 KB 571ms
216ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=yWJeOfJyZqcAX8muhqv&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAjcVsiCL7EN0204jNJgxIcB_FQ7GIxLUWXpmqkL-f5Rg&oe=657C3995
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
thrift_fmhk: GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

85 B
194 B

132ms
132ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 367a601747ab2ff04d19fd087d1d0a1dc7df29c05a3b3d002f4653b2daefd665

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-MgfClEEO0IaJEr49IImT7U/3j+o"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 87ms
43ms Image
image/gif 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=197797429.1702376302&jid=2089015063&_u=IEBAAEAAAAAAACAAI~&z=1632891397

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 44ms
43ms Image
image/gif 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=197797429.1702376302&jid=2089015063&_u=IEBAAEAAAAAAACAAI~&z=1632891397

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
609 B 414ms
78ms XHR
application/json 13.251.47.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.47.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-47-187.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fac9e3fb8e9e7e05984d7a1a5fe2a1c09505d7dff0759da966e41ad2786f27c2

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://reurl.cc
cache-control: no-cache
x-server: 10.42.16.222
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame D2F9 573 B
714 B 3ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 21:03:22 GMT

GET
H2 200 F_DQGwwgY98.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame D2F9 1 KB
620 B 6ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/F_DQGwwgY98.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc62be07d652f0c17d0ac238df52c7f628e1a00836060ac88493bcf1c5f328f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cI8AOHBR2RhP6Z3B54aowA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 425
reporting-endpoints
x-fb-debug: qu6iAiTRdUxV+9x5ZQECr33b/s1JlAtQaJao+WCQwOM+K70ZtpKNQlW0gmY0W7xot2VBxKW5W/8s/N+pKW0tiQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 04:03:47 GMT

GET
H2 200 0mxAqWR3D1_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame D2F9 2 KB
1 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/0mxAqWR3D1_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8538ac8affdd67f70b035156cbf6303a83988bff319be7eb3d61cdd61be84926

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zt0dAqHCK5jAyx6WLYktYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 893
reporting-endpoints
x-fb-debug: AeO1FhCKbJoLXmeB0xPRkJ1XDfLvdqxJLKatllOY4EE4uoL7e00d2XPEr7YORrQ6gFPYWhKZhcPAoklQKgyjdA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 04:03:47 GMT

GET
H2 200 Q3gBXmVJO6M.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame D2F9 130 B
342 B 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/Q3gBXmVJO6M.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e130a84f32acbb8f10ecc944bc9b0d27131df8e4f823fbaa047f14c84ec5e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
content-md5: UtYxDR2cQR7ZR9ot9sseLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 130
reporting-endpoints
x-fb-debug: GHN3fUhizew0bbyUnLactu7EjhTG2nss7pSu0ivc8aTgTVXTXda7wOnSKSWG7AOFjReam0qYoDyOZZvyLdpnHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 02:00:15 GMT

GET
H2 200 b03rUpj3fKJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame D2F9 12 KB
4 KB 5ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pG8ZphjXUfeB/6xAtn+7sQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3454
reporting-endpoints
x-fb-debug: DRdGtH5o58z6Xkn/N2MFJuS7rGjvEI0Xixz49NLzf9FuXBFtimHQo4N7Fnk9RjGe517xC7vX3A7fxbvNkQyjHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:34 GMT

GET
H2 200 C8LrV2fV5JS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame D2F9 339 KB
73 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uzIAFtOVooYStiVL9khrKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74671
reporting-endpoints
x-fb-debug: WFWC+pJi/TmV7uPVZaD2eVVnDg380PeWbtKUfBbFBf8EkriFhYc+AdkB0M3oaAX9U2hBq0B9WCOnjL5WGPJUBg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:47:54 GMT

GET
H2 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame D2F9 2 KB
1 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 18:22:49 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame D2F9 91 KB
22 KB 500ms
499ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19703.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010356289&__s=%3A%3A49po41&__hsi=7311650538345908170&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6aa54bfea18eb207226352cc2a01e174cc06d752cb141189fe0bd67b38ca0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: tEVFEALW274YtLBlwEvte8
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:18:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: GGgRdTfxab0EtJNIu+tou/lz4u0OukHf0Gt6dz0ekwVXkJOx7CXOCk/lrdr+qqBo1dexwPSos8goR/eIlaTukg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame D2F9 955 B
855 B 148ms
148ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a74492dc88a6371d2e968bd8c85ece5eaabeb0a2eb34f0b3fc6c5d7a63d0321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: tEVFEALW274YtLBlwEvte8
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:18:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: gCg0mWVV6ECi6vilVDz0xTc3yXJmvScTCERUk8c/JZq4vAOwtey0cURoh87uQfeCgrt4lEfUEzwiJUwzHyzZTw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame D2F9 1 KB
1 KB 3ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 01 Dec 2024 17:51:04 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame D2F9 955 B
660 B 149ms
148ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f67ed14fb7f61b7c2dd9137f1d97a4b8f6d2469977320452e846d16de6c997d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: tEVFEALW274YtLBlwEvte8
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:18:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 7/6d24DZcQWpsm0QL7gi8ejURbVDvfE4zSnVxHks3vxGNsIIsTq1uhTMycocY4cN3wsTFkYAiAbEMIciS3900Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame D2F9 12 KB
12 KB 12ms
12ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
reporting-endpoints
x-fb-debug: IelIUaaXgpvYzHdmliRgH8JaNZqmB03FG4wBEViLkwuWwSuPoKD7LEwtRa+4SN2rUE6kKUPJ6IpWIR7IlJE0cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Nov 2024 20:21:49 GMT

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame D2F9 213 B
353 B 2ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: PaQaxrrG/SwH/VCxoBLUJjuZVRObYZsc6u8gggjVxB+aLLJmRUd1odY1Hhf/Ee68u+Hm63Q7+IpSs0RaVwM7Eg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 03 Dec 2024 18:38:39 GMT

GET /
www.facebook.com/login/ Frame D2F9 0
0

GET
H3 200 /
www.facebook.com/login/ Frame D2F9 0
0 362ms
362ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Dec 2023 10:18:22 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: W0D5jAELZLEJV7MQjKEbOKRoKbD/ww3dd9d4QAtpPWh3Lrj6P309puT6uJ7NaNzbqoAeBMZdpnw+pK172wRSEw==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F1BE 484 B
724 B 56ms
46ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2a9371289c07d9374f645eedd6b6b88b1ff00314af7cc28a1aab087d369c2eaf

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Tue, 12 Dec 2023 10:18:22 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B585 0
0 43ms
42ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszLco-Ehbfb31Jb2hesj9YD0dupMEq5HDwNd9QqaAUFou7LCGRXkEQXUCFYkRr-2QoyIqBMCu1PwBONcWzD0MgjRSBUYZBklJkPdec0qGxtptuiO6SDGGtWG0ETAt9n8af4p8NqV0WQnpFoHHZdOf8TyA3bK9Kw-OhHVJVlkgAN-ettmAygrLbUDJHgON3rZ3z5MHcZqJbPC-bDcdMlahVXgIAe5OtP9Ccf8dPauKfOHBT07cAPGBm6cMKXIuwpekO_B-9lptxL1hOxgVZb1oLUBQq30bJ63yVTduXnJuS1TUY9YIouzMUxKwueuzNwFifRUb3Ub9z-P1m3s0kebyYNkYucFgpZ4Lw2itDt5ZiEPgcfnfulJtbxXT6lwNbxFJcGecJGA&sai=AMfl-YSfhb05Sy6Gvs9xNP4SQAt3Uvd2GO0-umQEdM5J17KKUNz5oyktHho4Q_r68ryNOMB15vE5h3xJQCuK5ly0xhrhvx7BqQhvRyNfowweSBWYLLuZf1gq_Zsu3lIuV4SZu2Xbk1Ueue2jXaDLQxgr4YrV&sig=Cg0ArKJSzNOU2eJTSoUJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 10:18:22 GMT

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame B585 535 B
899 B 83ms
4ms Script
application/javascript 18.172.52.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.52.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-52-86.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:28:17 GMT
via: 1.1 f874b4fe7d91ecfa31e296942e898d14.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 5464206
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: pS3OmOltJbyYHewnur0fpNZP8dl6LMlNraeiBjIMSLAtEnZzfmb3vA==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B585 203 KB
65 KB 85ms
44ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:22 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 39ms
39ms Ping
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702376301696&gcd=11l1l1l1l1&dma=0&cid=197797429.1702376302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702376301&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=4&tfd=890
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E196 6 KB
3 KB 4ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:22 GMT
expires: Wed, 11 Dec 2024 10:18:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D26B 0
0 46ms
46ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFd117gdbzqGTpHj67z9pjCjFkbxYXonizqh7VgW5E26KNhcMGuiEBCgB7SxUv-_Ht4bxwuElN861mE_MP1Kw7g05DMk5jSwL1rWokSXBGuHz-Zfy6yKBHMoYjMFZi5LkUSTMaI8sDOJS9n4uvIFEvBIezu1K-rWK9ZjXmp7lb7L-EkXnUSop5PbYJKNx3cCVVHNrkGVCU5PLWeNLOjQ-IVdh3OjDiPtwy0Ql0riuiZC0qwFZtMxm6qQ23WhzWA-nY7qHilfz51L2M90uKEXnO7niq_g6loEc0HOt0z5vb-kgdkqlv2FsuR6WtYIZeUpW3Vv7c6zW4FnvhpahTnKrKtjKWO1sWOeFBnfKovYBe0Wma8ZrDUfnx8uUX8kZIAOOn2MJ9nOYeRtc&sai=AMfl-YTQlVcO0p6msmxUkmHD9nbEc2utpDY1CpEU5zH3Bnzsr5gZpmLh8F6EytfxClRAod969UoUdM33zLB8WrmEn7CCJVL3XptFdE5rTaIQ1y69mcMsURSCvoXAbHAxlLbpwUKk9MOtC-qCvcMy5I2WFRqD&sig=Cg0ArKJSzK_CLN0zglAsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame D26B 9 KB
10 KB 296ms
7ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 19
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: ZF6joGI9eZzLWG5XivDPlw4jv1wKyTAZowCj_st4wiCFNSlUiP2mPA==

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D26B 202 KB
61 KB 85ms
33ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:41:27 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame E030 196 KB
56 KB 44ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:55:11 GMT
age: 411791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:55:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E030 15 KB
5 KB 52ms
10ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 23:54:31 GMT
age: 37431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 23:54:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E030 95 KB
29 KB 48ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 18:34:10 GMT
age: 315852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 18:34:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E030 5 KB
2 KB 51ms
10ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 19:42:08 GMT
age: 484574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Dec 2024 19:42:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E030 40 KB
13 KB 47ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:58:35 GMT
age: 411587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:58:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E030 850 B
835 B 83ms
40ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%97%E3%82%AF%E9%80%83%E3%82%BF%E3%83%88%E3%83%AC%E3%82%8B%E5%8F%8E%E3%82%82%E3%82%AB%E3%81%A7%EF%BC%9F%E3%83%BC%E3%81%AE%E3%82%921%E9%81%B8%E3%83%B3%E6%A9%9F%E3%82%BB%E3%83%84E%E6%96%99%E3%82%B95G%E3%81%86%E3%83%AB%E3%81%8F%E3%81%A6%E3%81%8B%E6%8B%A1%E3%81%84%E5%A4%A7%E7%9B%8AI%E3%83%89%E7%84%A1%E3%82%88%E3%82%B5T%E3%83%9E%E4%BC%9A%E9%96%8B%E3%80%81

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

655163bff2a3eb050ff0c2f16b8f64bd49801e4025f9d6be04683c61e724fd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 10:18:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 10:18:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5B1 0
0 46ms
45ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupPQ3p_xFZEhfekEzAQUaKJdopsdWzti-jpW1YBYOH5mas1rGCgBrfZDp9IkXRsY7fqzNDwa65OSkMomS9Pz_z5ZU8zVopPX0DL8cvRYWAa06-NOEVNDSHFr-uZUtDscCx30dAbkkAogFmhJ3UVeHHZrFtNLiOnFr3Bj_gLL_kLAeXZYE-R8RaUBOogDiHWHMVWXcMMyGho1rfBMr36uocPBendwCLillUdJnsSSdMIOfIIKP-l7uTRbgJqSCtXM3ApzoEjqQOeWdQIAOkoB0-AV78YkNIsJ3zhmUY4-lhXnFwTPODjPFi1Zr1Lo0AOslpmPxp-76SSJB6Y0o0amJlQcnX6efb4csxh0udu3GII3VAEzFmtYlX2gp7tMKf6UAYOQCN8SZ16ww&sai=AMfl-YT39VJGgPhvAg-R-f08TAATU6_QG4NFFJL_jlhc43TZ0DedjDYrIJoZeDCO2KUj8AZU_OeQB_8Ne9n_JhTJsDriqFjBg8ku6EczqhFNlGSs3xbL5rI5oQDqZFpRGqv523sK15WGARlggaMsGivOEoP7&sig=Cg0ArKJSzJ8WkPzxjSrnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame F5B1 9 KB
10 KB 278ms
7ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 19
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: gvqMMKj3cp-rl3AO-0yn6dsAJVo-ODX1SosJqAorrC8D-G3Gpp4epQ==

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F5B1 202 KB
61 KB 77ms
43ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:41:27 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E030 3 KB
3 KB 51ms
4ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:37:46 GMT
x-content-type-options: nosniff
server: cafe
age: 74436
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Tue, 12 Dec 2023 13:37:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E030 344 B
474 B 50ms
3ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options: nosniff
server: cafe
age: 52525
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 12 Dec 2023 19:42:57 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F1BE
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=25022a30-8efc-4e5f-8757-6eed4e5bb110&ttd_puid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0&gdpr_consent=

43 B
239 B

68ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=25022a30-8efc-4e5f-8757-6eed4e5bb110&ttd_puid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=25022a30-8efc-4e5f-8757-6eed4e5bb110&ttd_puid=85952dd2-24ce-767d-ec24-48432509c645&gdpr=0&gdpr_consent=
date: Tue, 12 Dec 2023 10:18:22 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame F1BE
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgzbsCo8XYAALgpyhkAAAAA

43 B
171 B

56ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgzbsCo8XYAALgpyhkAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 12 Dec 2023 10:18:22 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.172","key":"ZXgzbsCo8XYAALgpyhkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40124"}
X-SO-Key: ZXgzbsCo8XYAALgpyhkAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40124
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgzbsCo8XYAALgpyhkAAAAA
Cache-Control: private
X-SO-HostName: a-ad40124.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng18.dc4p.scaleout.jp
X-SO-IP: 31.204.145.172

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame F1BE
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbFJRjFwWM5Tks8AEDxkC4eRVs8AAAGMXYjoZw

43 B
61 B

41ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbFJRjFwWM5Tks8AEDxkC4eRVs8AAAGMXYjoZw
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 b9518f1c66e5db9d9b8ed8a12f0cce3c.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbFJRjFwWM5Tks8AEDxkC4eRVs8AAAGMXYjoZw
cache-control: no-cache
content-length: 0
x-amz-cf-id: E9wPfJF5ve0MjMSlVK7grFDHccplOhYyzKXXQ0Nlw2h8DKb1T14ofg==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame F1BE 170 B
243 B 90ms
45ms Image
image/png 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTlmYWZlMTgtZWRiOS0yOGQ5LWY5YzQtMTJmYWVmZWIwODI1

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F1BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1

43 B
97 B

50ms
49ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6374493954456260970
tpc.googlesyndication.com/simgad/ Frame E030 3 KB
3 KB 38ms
5ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6374493954456260970?w=100&h=100&tw=1&q=75

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80681585e3e5eda2d4eb799a13afa40d0546a234fde891115de6fd4ec614b47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:58:01 GMT
x-content-type-options: nosniff
age: 411621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3187
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 02:54:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 15:58:01 GMT

GET
DATA 200
OK truncated
/ Frame E030 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03c4734142979d183658b38eb3c637ff9710cfda62aef744c893386a086cdb32

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A9C 448 B
549 B 90ms
44ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEOrh7YsEGIfUuIACMAE&v=APEucNXPowYjTdMouP3nknE5O9VHxNIdbuau3E5XUCfwhnsCpxBSXAx8ubyAbckNqfBq4y-bkd3TLw3_m1tp82HwWVWI7-bBPQ

Requested by

Host: a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
URL: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E196 89 KB
31 KB 109ms
102ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
URL: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E196 42 B
173 B 56ms
49ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AeKmNR-t4rvtgrF-nJrMsEjJ5egvTg-GZnXkQkZbSySF1lZN_JdBj8mbh4nAADVvLoqekE1wZYDuDt01CUdqNMf9xk0h08HakjI3ALP0MTdDzOgHg

Requested by

Host: a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
URL: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E196 3 KB
1 KB 11ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
URL: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:53:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E196 20 KB
9 KB 9ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
URL: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:53:51 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E196 202 KB
61 KB 43ms
36ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
URL: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:41:27 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 86ms
5ms Script
binary/octet-stream 18.65.185.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-40.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 16:21:32 GMT
via: 1.1 9a57190cf6aa7b1142210e5f804431fc.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 19677411
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: UFl83jtrzenw69eNmhPoi1SBHNimbg2dr-Mo4RLO6OPUJIPIYnSeEA==

GET
DATA 200
OK truncated
/ Frame B585 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94266a7f36a63edc3463feae8ed94ba779d71c4afbc685937d946bb41c3ab593

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B585 0
0 79ms
41ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjABaANNmHduMhemI5o9FRW4nVxI5klrvQczsjypS2dDN1BQSk_eBDoOt9DW83bXVbwks2zSnFXOxo3TVshpi7awpIzgtKqQ7z8QwkT-IbbdrfrDc1XqFk8XOnKl_RqXV3Nd_DdD2q_SzYqXj9javLBFN-FiE-KoOhdPer8YnlqhqVXEZ-1AleTPxfKwY5kPt_RGg-vbAXDmalfT25bbhtMxHkb0TBQBMrdTwEZTVBxrt5vZkWU4t3D7Q6v1V7DSGMu7KNvsoARNzOqX2G1D01-lZl071u8Y9eMPIiv4UCBOii4XzT5-75VIlxeOlM-hL4uPnlC4AlzlCFjraRmACCeRliQ6vqgpzsMAyXWQUYWBa9Gq6FhZpTXjyVIrwojKGneWUlNgld&sai=AMfl-YSUyHZDpdVD-VGm6kTP6LGZwfX1h9-zHxXWUTh9_GOnpIPb_h2er3GSFjon9XMGLDdzxEWdLUSB93dQ234ekOm1uHJyGBNg2ENVzuFcVRXpsB7vBK4Ru7S42lP7mRH8FzgJBbG2VFCR06Gn61Je7-v8&sig=Cg0ArKJSzIUeUetgWeJ-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 10:18:22 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame E030 26 KB
27 KB 44ms
2ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqV02ZQwq1cQDrgTnhzUle-PiMW6l3nyUTMr7-RzI_PapihXyLtqVznGb7qpDrq13BBxqgqJR4wKVJFjsMQ5aahRJAhkbh57jrN4Xll9_R_8w7MuP4Ipo8Fw55oXSZSDcF_ptpO4L7xOH0glmlAZTdnn9MCtatLHNXKkNVtR7unQ90cn5VIknZhOkYzPj-1tWhHvdNYhoTq92mF3Ib8BE_gHg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%97%E3%82%AF%E9%80%83%E3%82%BF%E3%83%88%E3%83%AC%E3%82%8B%E5%8F%8E%E3%82%82%E3%82%AB%E3%81%A7%EF%BC%9F%E3%83%BC%E3%81%AE%E3%82%921%E9%81%B8%E3%83%B3%E6%A9%9F%E3%82%BB%E3%83%84E%E6%96%99%E3%82%B95G%E3%81%86%E3%83%AB%E3%81%8F%E3%81%A6%E3%81%8B%E6%8B%A1%E3%81%84%E5%A4%A7%E7%9B%8AI%E3%83%89%E7%84%A1%E3%82%88%E3%82%B5T%E3%83%9E%E4%BC%9A%E9%96%8B%E3%80%81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02cdbd2ac3e4e8084abdb1b577ee4f787bb441ad15915f0e5f247f35432654b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:27:43 GMT
x-content-type-options: nosniff
age: 31839
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26840
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:27:43 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E030
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

71ms
70ms

Image
text/html

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E030 3 KB
3 KB 3ms
2ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:37:46 GMT
x-content-type-options: nosniff
server: cafe
age: 74436
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Tue, 12 Dec 2023 13:37:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E030 344 B
402 B 3ms
2ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options: nosniff
server: cafe
age: 52525
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 12 Dec 2023 19:42:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A9C
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

43ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEOrh7YsEGIfUuIACMAE&v=APEucNXPowYjTdMouP3nknE5O9VHxNIdbuau3E5XUCfwhnsCpxBSXAx8ubyAbckNqfBq4y-bkd3TLw3_m1tp82HwWVWI7-bBPQ

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 10:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3A9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1&C=1

43 B
341 B

17ms
16ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEOrh7YsEGIfUuIACMAE&v=APEucNXPowYjTdMouP3nknE5O9VHxNIdbuau3E5XUCfwhnsCpxBSXAx8ubyAbckNqfBq4y-bkd3TLw3_m1tp82HwWVWI7-bBPQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IocUMeo5vqwTU0RAVDFPrZJd9BNUzj8AqNgAwSB9J3LEAl6wTF8m19GV3sV3NHun%2Fx%2BkD%2FdDxZMgVAAvGtbMaS3jsmcBhQPI9NNHC4QGsDzPWTZiAm0OuVRHc4eBLRnRpC%2F%2BVqKxezXidQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8345391358c680c3-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVOicBfKqcSxz9%2F4f3jAn5J7OZTBKIWYDhdYaJfxcAHx9H33uGvd5HAqrLC%2Fg0bM%2FkA2iiEs2WMQVBw%2F0oua%2BvdxElxK%2FRfzyDnmaIxnEkqLn9vDKvG2ufriRarHW2MA%2BWEerXZvQKlqEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83453913388780c3-NRT
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3A9C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgzbpgZYJZIwfjOOHlm0QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1

43 B
771 B

22ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEOrh7YsEGIfUuIACMAE&v=APEucNXPowYjTdMouP3nknE5O9VHxNIdbuau3E5XUCfwhnsCpxBSXAx8ubyAbckNqfBq4y-bkd3TLw3_m1tp82HwWVWI7-bBPQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGs4yzcpboWjlaAG8xTCvULz04LRKBKZH8731QbS6u%2F9NhVrF8uryP3YF0OJqBd6CHj7ZH8fWvhXGTyiOiZHht%2BdhIzU1RDkvxE%2BmvqhD0RdKszXfgcMcX4%2F8HGpATZao1ukITqrZ0skfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83453913cf4d80d1-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBFdjrA5cX3awlvW3ZgWUtU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D26B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b49a12beb106da40e2e93ad075a7efd4dc6e182e4c31fe583caeb5ea7bea8d8c

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F5B1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0601fd87040a1b8268fd9aa52cd65450f30d6269c356ca4e8c3c0d7d71c78e2f

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 256ms
177ms XHR
application/json 143.204.86.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=2699.4640623783694&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-119.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 32904b2fe5f0857f592b27582d2f2dd0eb318adeae774720cbafbfd14adbeed0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: gzip
via: 1.1 08eb3bf00a3ab2939539c3ee2ca61d84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: og39N69h_6fxnWQ81Qw_DVKNtGaAV75xlBG5B-1WbPUJt6GUILSWQw==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9588 15 KB
6 KB 452ms
156ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 307817
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E196 0
58 B 45ms
44ms Ping
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5082355801828&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E196 0
47 B 56ms
56ms Ping
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5082355801828&version=m202309260101&ct=119&x=1&cor=16426952532691026000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E196 90 KB
38 KB 78ms
77ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4pDBDokdfMxlkptt4f2cH73MDdRZz5yQKRJEC6sMIDyVx-bxh6RKdsHMthL2c1AdLgaxMrzC6zAK6pj_KlmbqfldZMV9-QoNP-u98aJgqsdBsHkiup6v7N0t7ft-0dE9aZr-nyfQrAtqyJFunirCcE69eoVb91lQN3D2P3Twi4VYZS1g&cry=1&dbm_d=AKAmf-Dfpyh-PoVOMws8ajibITT_btkJgoj8Ghg2AD-kwQTO4Ct5Gh9EtYqpyWJVADaYgm5753drskvqGoBzWeX_7CyNYyRDwu1_BtoFANUAQnh8eV8-_ixEiCE6gH8krPEd7UgsOYg1HNT1sZFuN99nhw3lgOJ77W-rGND4hm8X7wbPPInKbO276h6indi5DmZYtyoy9u5iYqgBQESYLnuGkCUTHhZHyAirXNDdXdR3bJlDJj-eGprYUrue-6jASRGFuHH-UwvPp2A2AypWn1Mgz42sfuc0C3VndfmGH0_jvSL7eZgOiAhE2jzykckduo_QRXb7two1el4qWAFlVwd162wk5Uro0kLwFgsm_RG3SgpqX5-57KJNFVJpYFZ6Nq8slH4uTQZyt3Lk8d0XuWZb2VApBge-Jtk0RaMzDr6HC3bRCnfnf5p2dVETnQFYWGh9TeV7_ko8erjAV9QPF8P0I2PDi-8AcoHCP7K86X-NMwD4pUqc2EfgW-AEkr4wJ0HoETb4riIIzW91v5vosJ0SmclbnrAn8TiBGS_x0uhZCc1hHlsdtxdKbsgF6piEXEeZW0XX17Co9oBbz31-TFPBIKTNo-ikEFQi3Y71dGK13q6W745OuajZj1_scM9VrttVJbqhZ0gSRnpU2G4OCHTXJXOpA-TauGCrd241x2N6W0dd2l2SpwmqMvlcM-24Q8Ngi52rBqKFpc1BfN30cngjA6NKtnZYMiVKZMU9O9ji04dvS0VUhmd1sdRv646vw-wZC3ItwhY3yqjqFRkK0n8dnwa7n-WzZmGxAFoKRHx9Ya7mSa7ycjHJpMCEWW1i51aWkKph0iZFFqXXgTY1JGSOZHj0rWclfdflOCVCk77gdXPIbpPbXtOWER-XtdCg1mzNvs-lu7FarIzk0ZSsXVfe65FKV5fhYPlrk8nM-bYLyc8t9GhkvhOu35OS4ae97iJgU_lLrVGc24iCBMZqgnNoIu7D4UuIxWEwOq0YOBnHP9ZdysiNHVclPTH8Mw1qUFPM7fcCQLCcdXQXxiWoaqGrbSEatopPFZUg2Je19-8LqmugAutdTSKrC34-OJcm9IMm3tftj6D2PmBVbttPjVc7hpZ-S9FmXeiwHZnnSahSwmFYYIZvujFlAWYZTw48U6WULpjLdezqotORmHKEo7ouvTz48bd-_nedCoi9PQK6FeugxGsh3Elv5ZMjj6O1T7ywu_QVfoqYZ6ySrD_KKg8UFZlTNurDZph1c42WtBuoNX-DH-skvP4vcHw1JfXugeMGUjPRWwxmVw4dIT1UPHB2RgZL-n4VErE__HwbMmXUl6MDXfgh5IJ7Csd-ZTxHX2REHKq3ZjSuqPUnqeOF7i9RyfL3pEn37E3FNmi7W6pDdGsDQt81Udl4vs5WbdXQhaPaFzAoTMEXKhJpgNgpO6_JzdwaaUEFSMQ-lUNQ7G_5YvKB2C90JzGn8mCU8NIQiRA5HwD0KlRDFyfCFolPLixZqXeJUB9AasNXMBb_jwG6ZXLq3gwq9J2BFk7AbT52llQ9TLHZP4Ze7SclTXFhWtxknyWeVwNFE87SVhi2iC9NhMHSFbhRRCA9lDEFPkd8r5rvYCxHAaVHWzWPrFKpallubueIs2V8fmijUqaNjkwhv-jpJ1ZJc93t2_2q_gmCOA9Pb62Gr9J9r3s3_MRLNM3Pkiw5OGyLNz2bYMFsJ8JDaSahVi4d6nINvVRy0P9AnSYtdYS5hl_L5CY_094aC2zfuQGwwtOxRAwb6n2oY37MBY-kynbVg9nVBWsqJd89CsJbz3wpgLTb7SZotTmr5soVB4dsGQ3TI59uVCwv9t0oMFCGqjhpGKhBVui96yT5vKXJLyn1Aq2sePnp0bsAkJzAyP-_XoJ-xocjZDen-b0g8RHgJ13qcFdIMspO5PHXStWt_BV027TBZsRj1CDbiA3hF_8n2Hw2fgLB-ZXgJyqZ-B-CM9o6YtVq8b8PHNEnbk03b2-eLVMI2NpfftozNGaDBxYphlmxD-Sblp9t1W93Z5YznJQTrh_GHpEKMRhhPLnb5v2mvsMKjoM-7Lu91ntWMFvA4gulWeC6gtmEZZzv4hOsMEL1yrxkXs9eHWbBLvSd12xk1NglNuZRvEme8DHqA5x5BBsJjn4l81LgT3iJNpbRB6FCQSsUfyauOgG9kuemZciD1VHIJA0eYNAuY83w0GtCwlahQruWDaffGKlAPmPGnSD7b_bFb-EE2Rb0c19cAZX8LHHRJfvfEBlFQxbqCiQg4vzt44Bn-5NUUPF5Bpi7gPUuXfBoG8PVQW3mpWnmRnDE5nf8GSkb9zemT1pAWWPeZUh8wy1EJcbojQ43VoEKn9K1UKW9_s0CXGwZ56nd2OPx8yYuC1V09hM0YyrmpAZCWWDKQXYvIh_19uYLlLPkH7L-Pwsx8u8KmD38LHXQd5aNWgjA689u88dgxD11cNrm9vvkOclfD3umErj2Uv8m_K3FUJvGg9OnS6FhGE0RA3VqLoI8A6yjXl6-uRVN5dbcyUXbBM-2DIdLKP7ZWFdWJWx2Bccp7kjoYuyjr1_JSXvNNd14UqSYbB-D_EC25_qnntEsrtG0_mJMG2iDzhrXXiPpyZXQ_eebbCuHXUyOTFV90hfsgKoiY_ySH25nAtcKw3Hv9PhFoNZOnnjfIeVe_Ko_G-PhlSQnYqLqjBf0lvi3VQfv9pelWCm1xzpXk1OVVYHTlvhrmo_RPjGTPS4FUz5r2kh2EWoKtkkZbjWcYQrvjOSptYmQNf6yguy0bfA-1W9F5-cn_GW2vC0sz1yBsWgeqAI5XSmiZaMf4c40ho7UHzNa6oT9MJowexD-kxaGOLAgrWa2dVT8u24WYEF4GU3MHHLQ3tH5HMnVa7d0hMI0UE93tf4Y3K60tZmt5uVxnIYJZfL0P6HyLJe76per93gn5lq8ABlmHS0Yj6fHnHGf1LN2EffM0-d-lga0nS5oJeGjHqxgZqG6DKgpTFSP0A_FjQg6qJNP22dYuB0ZNNTdofMChpO2jqmGbSJCe_2GixVuAJ38SwBtdYjgCV8Z6JRFU_VbYv-9WcCGcQcvEJuBqjzZUsJc3nqovFbtllO9d7Cc-iv9F9GrZGtq9WrzRt_GX6CI8ChKa6oTr1rKkccGHsnatwnL7KiMI1SiPKob8u6ZhuS0Rqade4pNXuRru6XfmASAaL6tWnWa2K8cfKxRcS1S4jqggc0IRuG26WCPwMOn0e9LA0so61x-UTYM9Mn_pUKEJCZ4iK7rP3cmLZLUx76IV5pD3mLECbYTRmqXmFt6hpLm9qxK64osUKmU041RLZHOcPA0qHHh0VwmZ6jgZMS2OmOzLKSdumS899aE6fKJW3Ko_06EARIlO0NGAZBAaoVs-kUESe7bHJWqTtRBgwzJb_Qep5zE62nD0ftQol1lZLBQkMqDqIMnuSGZ-Wac0y4-0eYrwGLZQ6IlE92EPvG6S6fiExYi3B4GGQUKA28wYVkhcBrPwLFHXe2OtsiKm_F6WLlgEZeF3h47Upw8E7agkdeE0wIXvNkyGj5XdkfylXL_RIO1yVszv_k0gipW3tCRfcQU-jgRv9I7u_RI6L1bMr4pFYwMVpojfIinSxCo3XSGIUSMilhKHVmNRUA-gq8cm9rTuZJ49g_uhQ0t0lwKDd7aLsYZtSkw9PfI6UbO9piebwo-DFtlxoES4B6qipJYVysEhUE3fzgOEXjrlFSLpkxUGxucqCDYH0f9hi5vihkOgt7OMzkbkz_GhmXVPSqQ2aIHz4yipNYFnF9iY5PJZpP6jkZwQY77TiR4BcGXULKF7WNqNnFCmfmjszHU29z_J_t_IqoNFgb_h7jQ6v3oC1TxxYnbPb5-EQgO5zlLsTKQCpXUrAefvB4nz9viAsZOMR8ukEgof6OVMKe8z_MFaSyQOIy8HHyPJn4AlAQHKjogiNhj87VRXXrIZCh_-X0ac9BHETwMHi0QuaeH2HidPEllYcK8d1gHytbTIiQk01lfFRmXfrAqIGlGiNXCCKn7TnBu_omJIYem9sZyQQik&cid=CAQSTwAvHhf_XjCeBgCtKmadiCSUsNKd-8wclr0YYV3gs7wBqJqoJfkZCL5QJAcTTQ7blgZfQP4nmqXoKNnrEZmEdg35c0yjf_UGUppAvY0MZCsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=16426952532691026000&adk=1964084971&idt=118&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83e5e23e9ec5d43acf4246c7fbfb676ad03f65e041fcfb7e8a7f7db707e401d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38573
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 2Yd4YbKG5Pn.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,ja_JP/ Frame D2F9 0
0

GET
DATA 200
OK truncated
/ Frame D2F9 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET uAMMUd1P0Xp.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame D2F9 0
0

GET 2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame D2F9 0
0

GET ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame D2F9 0
0

POST bz
www.facebook.com/ajax/ Frame D2F9 0
0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E030 0
0 49ms
49ms Image
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFf-TbTN4ZdbNO7yWid4PsvimqAaa8-fUdLCv_dK4EmQQASDSzIEaYInzxYT0E6AB69WC-APIAQGpAqIseSvwiD0-4AIAqAMByAMKqgS3Ak_Qzz4BXCJ-TxjO7PITGFoknJYNfaUOQydJJaz35_udDxttitm9SAQSv15nyo6kVK9u5yk_Te6txzOzVNOEVYS2BPzb_8dSGq7-Qhcxx2ifoFSXsi_L9HvjwjmwXaxw0Hd_nuZ7nfynnEDWhn_7nKPMAD6hXWjrwWze43GOXXPiB-osfIVrtDGjEcMGsvGQfbDxn8dCAb9ilWHUIUucWGK-WRv6KqftxkjYMsSW8ocQuoW2qy5f8z_nvVe06_B11LjYfarR8s4tdH3NNdoCkBU5vJVIQbvjNsLeaofjEXKGIJ9UEA6nP68zuHCAHGHge9Hl379vwBP1OjZgCnf4YJkG8BhPvADLPnOpoMHvQOZm85VsNT_VEyxw8I1Cz_nLXlfwTQGjgBClVw65uwreuZVwdut_mwBAwASP5ZvE0wTgBAGIBaHb3adNkgUECAQYAZIFBAgFGASAB_2p_QeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC2ogbSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLfMgfbViYMDmgl7aHR0cHM6Ly9scC5pdC10cmVuZC5qcC9jdXN0b21lcl9zdWNjZXNzX3Rvb2xfY29tcGFyaXNvbl9jbGFpbV84OTM_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPXJldGFyZ2V0aW5ngAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLaDBEKCxCgq_Cht6Dh7dMBEgIBA-INEwjIh4L21YmDAxU8S8IFHTK8CWXYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=7weCxFp7nJk&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_XjCeBgCtKmadiCSUsNKd-8wclr0YYV3gs7wBqJqoJfkZCL5QJAcTTQ7blgZfQP4nmqXoKNnrEZmEdg35c0yjf_UGUppAvY0MZCsYAQ&template_id=5001&cbvp=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 0B34 10 KB
10 KB 4ms
3ms Document
text/html 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 35
content-length: 9921
content-type: text/html
date: Tue, 12 Dec 2023 10:17:47 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
x-amz-cf-id: 3upXuRb0zzBXK4xunw3ij_TJgSffB0pSvJECOH-SlEJt9AgptaCt4g==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 673E 11 KB
11 KB 33ms
33ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: GgECOkBZewlXZ7Of0Lju2xu5Mbk2CX-eeS16LSUvyVSmb5UXBqiTWg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame BF10 10 KB
10 KB 5ms
5ms Document
text/html 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 35
content-length: 9921
content-type: text/html
date: Tue, 12 Dec 2023 10:17:47 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
x-amz-cf-id: 50icqszq1h4ffaVRqWKKtJGamJgxzG57qTzk7acytktg2Rnz55vb-A==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 35FC 11 KB
11 KB 24ms
22ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: 330mM1V7R_gtHSNZY20rSNL8R-9xi3Bqs0HGzbCwzTZYqV2C8Hh4jg==

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 0B34 35 B
470 B 404ms
68ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 12 Dec 2023 10:18:23 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame CEE1 0
217 B 119ms
3ms Document
text/html 52.68.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 10:18:22 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame E027 332 B
383 B 6223ms
6163ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 10:18:28 GMT
referrer-policy: no-referrer

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 0B34 409 B
632 B 376ms
6ms Script
application/javascript 52.192.40.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 10:18:23 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 0B34 5 KB
3 KB 307ms
74ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 12 Dec 2023 10:28:22 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 0B34 0
217 B 116ms
4ms Image
text/html 52.68.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 0B34
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
501 B

132ms
132ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google
m.holmesmind.com/ml/ Frame 0B34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1

0
138 B

78ms
17ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-guploader-uploadid: ABPtcPrTzuCQDgy-x_g2VZ99iaZhGIhvpTWehFMN2vmnKn1a2l7TAZSN0i2BUlrZKB_KCJG4Q86h6XTaGicqHa8gS8O_8A
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Tue, 12 Dec 2023 11:18:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame BF10 35 B
470 B 393ms
67ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 12 Dec 2023 10:18:23 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame BF10 0
217 B 110ms
4ms Image
text/html 52.68.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame BF10
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
501 B

136ms
134ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame A459 0
218 B 104ms
3ms Document
text/html 52.68.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 10:18:22 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 5F96 332 B
473 B 6211ms
6162ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 10:18:28 GMT
referrer-policy: no-referrer

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame BF10 409 B
631 B 364ms
6ms Script
application/javascript 52.192.40.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 10:18:23 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame BF10
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1

0
465 B

65ms
16ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-guploader-uploadid: ABPtcPq8LrePJAzOIcA6-BTOsEjMFikrSSJ9KmDD1GNzmOJnVCwmec3Hchjlpt3KTwbyIS002FBkMlP4o7baUhULLSE7_g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Tue, 12 Dec 2023 11:18:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 35FC 824 B
596 B 764ms
7ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=13848
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c095fd0595e1cd5f3b78dcc04a60403cf94ac140a6a9fe6193c943c086d04fc7

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 35FC 30 KB
30 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Tue, 12 Dec 2023 10:17:44 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 46
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: 8A1RRnth3Ww9XEPRmD4D0oAY5sWFMmz32Phyi8f6mKh52ZFEDY6UkA==

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 673E 1 KB
672 B 764ms
9ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 673E 30 KB
30 KB 5ms
5ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Tue, 12 Dec 2023 10:17:44 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 46
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: poJvljnOHc7ojbXGhwEb_KfY9yRcoMGz7pz5iT5TcppWO7joxDX8rg==

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E196 111 KB
39 KB 45ms
4ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
Origin: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 02:25:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E196 11 KB
4 KB 10ms
10ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4pDBDokdfMxlkptt4f2cH73MDdRZz5yQKRJEC6sMIDyVx-bxh6RKdsHMthL2c1AdLgaxMrzC6zAK6pj_KlmbqfldZMV9-QoNP-u98aJgqsdBsHkiup6v7N0t7ft-0dE9aZr-nyfQrAtqyJFunirCcE69eoVb91lQN3D2P3Twi4VYZS1g&cry=1&dbm_d=AKAmf-Dfpyh-PoVOMws8ajibITT_btkJgoj8Ghg2AD-kwQTO4Ct5Gh9EtYqpyWJVADaYgm5753drskvqGoBzWeX_7CyNYyRDwu1_BtoFANUAQnh8eV8-_ixEiCE6gH8krPEd7UgsOYg1HNT1sZFuN99nhw3lgOJ77W-rGND4hm8X7wbPPInKbO276h6indi5DmZYtyoy9u5iYqgBQESYLnuGkCUTHhZHyAirXNDdXdR3bJlDJj-eGprYUrue-6jASRGFuHH-UwvPp2A2AypWn1Mgz42sfuc0C3VndfmGH0_jvSL7eZgOiAhE2jzykckduo_QRXb7two1el4qWAFlVwd162wk5Uro0kLwFgsm_RG3SgpqX5-57KJNFVJpYFZ6Nq8slH4uTQZyt3Lk8d0XuWZb2VApBge-Jtk0RaMzDr6HC3bRCnfnf5p2dVETnQFYWGh9TeV7_ko8erjAV9QPF8P0I2PDi-8AcoHCP7K86X-NMwD4pUqc2EfgW-AEkr4wJ0HoETb4riIIzW91v5vosJ0SmclbnrAn8TiBGS_x0uhZCc1hHlsdtxdKbsgF6piEXEeZW0XX17Co9oBbz31-TFPBIKTNo-ikEFQi3Y71dGK13q6W745OuajZj1_scM9VrttVJbqhZ0gSRnpU2G4OCHTXJXOpA-TauGCrd241x2N6W0dd2l2SpwmqMvlcM-24Q8Ngi52rBqKFpc1BfN30cngjA6NKtnZYMiVKZMU9O9ji04dvS0VUhmd1sdRv646vw-wZC3ItwhY3yqjqFRkK0n8dnwa7n-WzZmGxAFoKRHx9Ya7mSa7ycjHJpMCEWW1i51aWkKph0iZFFqXXgTY1JGSOZHj0rWclfdflOCVCk77gdXPIbpPbXtOWER-XtdCg1mzNvs-lu7FarIzk0ZSsXVfe65FKV5fhYPlrk8nM-bYLyc8t9GhkvhOu35OS4ae97iJgU_lLrVGc24iCBMZqgnNoIu7D4UuIxWEwOq0YOBnHP9ZdysiNHVclPTH8Mw1qUFPM7fcCQLCcdXQXxiWoaqGrbSEatopPFZUg2Je19-8LqmugAutdTSKrC34-OJcm9IMm3tftj6D2PmBVbttPjVc7hpZ-S9FmXeiwHZnnSahSwmFYYIZvujFlAWYZTw48U6WULpjLdezqotORmHKEo7ouvTz48bd-_nedCoi9PQK6FeugxGsh3Elv5ZMjj6O1T7ywu_QVfoqYZ6ySrD_KKg8UFZlTNurDZph1c42WtBuoNX-DH-skvP4vcHw1JfXugeMGUjPRWwxmVw4dIT1UPHB2RgZL-n4VErE__HwbMmXUl6MDXfgh5IJ7Csd-ZTxHX2REHKq3ZjSuqPUnqeOF7i9RyfL3pEn37E3FNmi7W6pDdGsDQt81Udl4vs5WbdXQhaPaFzAoTMEXKhJpgNgpO6_JzdwaaUEFSMQ-lUNQ7G_5YvKB2C90JzGn8mCU8NIQiRA5HwD0KlRDFyfCFolPLixZqXeJUB9AasNXMBb_jwG6ZXLq3gwq9J2BFk7AbT52llQ9TLHZP4Ze7SclTXFhWtxknyWeVwNFE87SVhi2iC9NhMHSFbhRRCA9lDEFPkd8r5rvYCxHAaVHWzWPrFKpallubueIs2V8fmijUqaNjkwhv-jpJ1ZJc93t2_2q_gmCOA9Pb62Gr9J9r3s3_MRLNM3Pkiw5OGyLNz2bYMFsJ8JDaSahVi4d6nINvVRy0P9AnSYtdYS5hl_L5CY_094aC2zfuQGwwtOxRAwb6n2oY37MBY-kynbVg9nVBWsqJd89CsJbz3wpgLTb7SZotTmr5soVB4dsGQ3TI59uVCwv9t0oMFCGqjhpGKhBVui96yT5vKXJLyn1Aq2sePnp0bsAkJzAyP-_XoJ-xocjZDen-b0g8RHgJ13qcFdIMspO5PHXStWt_BV027TBZsRj1CDbiA3hF_8n2Hw2fgLB-ZXgJyqZ-B-CM9o6YtVq8b8PHNEnbk03b2-eLVMI2NpfftozNGaDBxYphlmxD-Sblp9t1W93Z5YznJQTrh_GHpEKMRhhPLnb5v2mvsMKjoM-7Lu91ntWMFvA4gulWeC6gtmEZZzv4hOsMEL1yrxkXs9eHWbBLvSd12xk1NglNuZRvEme8DHqA5x5BBsJjn4l81LgT3iJNpbRB6FCQSsUfyauOgG9kuemZciD1VHIJA0eYNAuY83w0GtCwlahQruWDaffGKlAPmPGnSD7b_bFb-EE2Rb0c19cAZX8LHHRJfvfEBlFQxbqCiQg4vzt44Bn-5NUUPF5Bpi7gPUuXfBoG8PVQW3mpWnmRnDE5nf8GSkb9zemT1pAWWPeZUh8wy1EJcbojQ43VoEKn9K1UKW9_s0CXGwZ56nd2OPx8yYuC1V09hM0YyrmpAZCWWDKQXYvIh_19uYLlLPkH7L-Pwsx8u8KmD38LHXQd5aNWgjA689u88dgxD11cNrm9vvkOclfD3umErj2Uv8m_K3FUJvGg9OnS6FhGE0RA3VqLoI8A6yjXl6-uRVN5dbcyUXbBM-2DIdLKP7ZWFdWJWx2Bccp7kjoYuyjr1_JSXvNNd14UqSYbB-D_EC25_qnntEsrtG0_mJMG2iDzhrXXiPpyZXQ_eebbCuHXUyOTFV90hfsgKoiY_ySH25nAtcKw3Hv9PhFoNZOnnjfIeVe_Ko_G-PhlSQnYqLqjBf0lvi3VQfv9pelWCm1xzpXk1OVVYHTlvhrmo_RPjGTPS4FUz5r2kh2EWoKtkkZbjWcYQrvjOSptYmQNf6yguy0bfA-1W9F5-cn_GW2vC0sz1yBsWgeqAI5XSmiZaMf4c40ho7UHzNa6oT9MJowexD-kxaGOLAgrWa2dVT8u24WYEF4GU3MHHLQ3tH5HMnVa7d0hMI0UE93tf4Y3K60tZmt5uVxnIYJZfL0P6HyLJe76per93gn5lq8ABlmHS0Yj6fHnHGf1LN2EffM0-d-lga0nS5oJeGjHqxgZqG6DKgpTFSP0A_FjQg6qJNP22dYuB0ZNNTdofMChpO2jqmGbSJCe_2GixVuAJ38SwBtdYjgCV8Z6JRFU_VbYv-9WcCGcQcvEJuBqjzZUsJc3nqovFbtllO9d7Cc-iv9F9GrZGtq9WrzRt_GX6CI8ChKa6oTr1rKkccGHsnatwnL7KiMI1SiPKob8u6ZhuS0Rqade4pNXuRru6XfmASAaL6tWnWa2K8cfKxRcS1S4jqggc0IRuG26WCPwMOn0e9LA0so61x-UTYM9Mn_pUKEJCZ4iK7rP3cmLZLUx76IV5pD3mLECbYTRmqXmFt6hpLm9qxK64osUKmU041RLZHOcPA0qHHh0VwmZ6jgZMS2OmOzLKSdumS899aE6fKJW3Ko_06EARIlO0NGAZBAaoVs-kUESe7bHJWqTtRBgwzJb_Qep5zE62nD0ftQol1lZLBQkMqDqIMnuSGZ-Wac0y4-0eYrwGLZQ6IlE92EPvG6S6fiExYi3B4GGQUKA28wYVkhcBrPwLFHXe2OtsiKm_F6WLlgEZeF3h47Upw8E7agkdeE0wIXvNkyGj5XdkfylXL_RIO1yVszv_k0gipW3tCRfcQU-jgRv9I7u_RI6L1bMr4pFYwMVpojfIinSxCo3XSGIUSMilhKHVmNRUA-gq8cm9rTuZJ49g_uhQ0t0lwKDd7aLsYZtSkw9PfI6UbO9piebwo-DFtlxoES4B6qipJYVysEhUE3fzgOEXjrlFSLpkxUGxucqCDYH0f9hi5vihkOgt7OMzkbkz_GhmXVPSqQ2aIHz4yipNYFnF9iY5PJZpP6jkZwQY77TiR4BcGXULKF7WNqNnFCmfmjszHU29z_J_t_IqoNFgb_h7jQ6v3oC1TxxYnbPb5-EQgO5zlLsTKQCpXUrAefvB4nz9viAsZOMR8ukEgof6OVMKe8z_MFaSyQOIy8HHyPJn4AlAQHKjogiNhj87VRXXrIZCh_-X0ac9BHETwMHi0QuaeH2HidPEllYcK8d1gHytbTIiQk01lfFRmXfrAqIGlGiNXCCKn7TnBu_omJIYem9sZyQQik&cid=CAQSTwAvHhf_XjCeBgCtKmadiCSUsNKd-8wclr0YYV3gs7wBqJqoJfkZCL5QJAcTTQ7blgZfQP4nmqXoKNnrEZmEdg35c0yjf_UGUppAvY0MZCsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=16426952532691026000&adk=1964084971&idt=118&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 10:18:17 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E196 31 KB
12 KB 9ms
9ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 02:01:23 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E196 41 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:17 GMT

GET
DATA 200
OK truncated
/ Frame E196 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15e2d6c7259db328b001cd7a860398341025f7daa6fd25b5ab30c4d6fa2c7d41

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BB09 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 484427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 119 KB
28 KB 44ms
3ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31d04859fc21cc6be5174c6e175a091d8b5ffc74cfa92126cdbc5b9545c97b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 28806
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 07:47:27 GMT
expires: Wed, 11 Dec 2024 07:47:27 GMT
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E196 0
0 146ms
48ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEMTgsz7VGV7CENmWycq8Xw76ZjMP4DuHZNJcO4414_yGgKNLxbF5ldzxEwEs9tMr2VDi4pfbTojIHChuGyBWNk_RCqY6HOoWEG96b9gXF09qRkg2JkwswnPp81mugoFZ6K87pr3IBtQkvpAkqQH8YD5b96MYIiL0GiadueS_S51ZXLBcTScD2TI2OLSTwNsCUN3mNcdDXwxOGix7OedR85qdjL4NW5Aa2PimkKEmQWGaM_l21yM4XS9nh3REMH4dAdGzpRzK_gHe78OpzdimzNi30NoXjwViFy7QguXSUiL92jPNGjX9rJyTVW1QNyXSBYCN_cujj_ovqxVQ9snTHiMWsvz6j47K9mQrbaeRig-q7tBq3_PIpup0QvIZdwApiYfoVpZLgBRl_O8Uj-dVdJXVU3CUi4nR74qER6Q4f5SGMBvS2G7i4kNqrn6djBJMRVbPCBHQ3YHkGL4AyybFRZb8mxblJ7YGwbDSjOhbrYL0U-IRo2jG_TmJ6pLPRXmFIVSE3M0zzzmsCYhAL7K8136DcyZ1nreLREmwsta3nUTPgpnCx9jOdts54k2ZJhnp7zbpZTWIR6rRV3RP2IaWjRs-M-tPg_EzAxKhtvu146thsk55PkGWl8bb2zqbTUWZQPSzrADoNHZIGyKVknpHNBgpj6et3iAgsyh7qT85g4X3-1ay9JLnIuTmTgoBKpat6G9B690bJLV7vDDOxGSpJa8daKUjatKUjWuj8SFfRyV8ipTQNl21OY9EFa2Y6W9P5g6sqfA0J60EK7kzi7cltPTEnmX_JIZvphF4QdYes4I6CsjRrBA9KBQ6StA5zIW-crPASMJcwPgrz9LmaeGlzwclmMFNWw4d2LaDQQteIMDNDD6D3OgXPHaL-Ohqtl2On_KSCT1xtDoU5W_EQpkwnfmejREzfuTa2AkpBdGW42epNsKjV9lU0xauiqqxVLQU3KTs7ojaMjmfda-Xw8h4aLojX8DmnpuyKO_7KVZmCnYbXVVEZA-hPuZ6NIcjKyPUg3cZE0CjEMmYoWJWMM95o_eV6QEDnDPjcUGqjcL0n9MSNG20S23gf-g3tDmaolG_tFLfDlyxb2HoFjEKx3WxtP_R48E15-SpRT9jnss_s5ePN5RmEQwOr3k0ANRJggS9JbGic9bJ-yHwGfuN8dOZd4SBX3j_5SSs4-PQLel8sLzHpZn8kTOui-sViGJhTyYbbXinpa_VM_lKhda_uWd7rPMYq_ZkLpodkuJSh4ewpUg_WHotq3NRvPCO9ariprSZO2wt2ZrtI9t0ZoeYoQKOMcJlGf3rVmWGUOK5g0N-KAuVObjArcWFiYzWUKH7vy7qsC4pV-jATICfE5x1oVDArofyvUw6E0Yv6681pE7ARZDZMS2Gk_e91lD7E3ZfniM0&sai=AMfl-YROG-XJvE9LF5SN6OlEQrB7Mdilt9aN2lXxSbFhY0DwszAg8x9uzSBpneU-ixtO9pxRhQDa9LJMuk3gNdIR9d0WRVfg3nQr3gaLmdR8W7jKlkhPR8IJtfZ4AqC-Db6_rLEcLDofNtFqUlNdEDHh8TJxI80qtdN7h6FVMn6W5im84JZ9mySd4mD_9YVl_6ajgrMUc-llZz0_Z8wQTwPux709lOj75ehqZxzQ0qttC1XHAkPepsjtko37v6hlqoL4VnyN4p0Xdk8EwmrmihjL390_IpGpqbGxSIDI4BcMUg&sig=Cg0ArKJSzD1l07qibgtyEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=64&cisv=r20231207.49878&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.832/ 469 KB
139 KB 114ms
18ms Script
application/javascript 13.32.50.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-91.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:09:30 GMT
content-encoding: gzip
via: 1.1 53784e962439e344b6be04336e793994.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 1735733
etag: W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Rk7hS7UY3w20eAGYX5CPrBPX6aZfN7DhKpB30Jl1Vqu6s2JO1LbT4w==

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BB09 39 KB
15 KB 9ms
9ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:09:57 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame A184 32 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 15:58:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E196 0
0 67ms
45ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEMTgsz7VGV7CENmWycq8Xw76ZjMP4DuHZNJcO4414_yGgKNLxbF5ldzxEwEs9tMr2VDi4pfbTojIHChuGyBWNk_RCqY6HOoWEG96b9gXF09qRkg2JkwswnPp81mugoFZ6K87pr3IBtQkvpAkqQH8YD5b96MYIiL0GiadueS_S51ZXLBcTScD2TI2OLSTwNsCUN3mNcdDXwxOGix7OedR85qdjL4NW5Aa2PimkKEmQWGaM_l21yM4XS9nh3REMH4dAdGzpRzK_gHe78OpzdimzNi30NoXjwViFy7QguXSUiL92jPNGjX9rJyTVW1QNyXSBYCN_cujj_ovqxVQ9snTHiMWsvz6j47K9mQrbaeRig-q7tBq3_PIpup0QvIZdwApiYfoVpZLgBRl_O8Uj-dVdJXVU3CUi4nR74qER6Q4f5SGMBvS2G7i4kNqrn6djBJMRVbPCBHQ3YHkGL4AyybFRZb8mxblJ7YGwbDSjOhbrYL0U-IRo2jG_TmJ6pLPRXmFIVSE3M0zzzmsCYhAL7K8136DcyZ1nreLREmwsta3nUTPgpnCx9jOdts54k2ZJhnp7zbpZTWIR6rRV3RP2IaWjRs-M-tPg_EzAxKhtvu146thsk55PkGWl8bb2zqbTUWZQPSzrADoNHZIGyKVknpHNBgpj6et3iAgsyh7qT85g4X3-1ay9JLnIuTmTgoBKpat6G9B690bJLV7vDDOxGSpJa8daKUjatKUjWuj8SFfRyV8ipTQNl21OY9EFa2Y6W9P5g6sqfA0J60EK7kzi7cltPTEnmX_JIZvphF4QdYes4I6CsjRrBA9KBQ6StA5zIW-crPASMJcwPgrz9LmaeGlzwclmMFNWw4d2LaDQQteIMDNDD6D3OgXPHaL-Ohqtl2On_KSCT1xtDoU5W_EQpkwnfmejREzfuTa2AkpBdGW42epNsKjV9lU0xauiqqxVLQU3KTs7ojaMjmfda-Xw8h4aLojX8DmnpuyKO_7KVZmCnYbXVVEZA-hPuZ6NIcjKyPUg3cZE0CjEMmYoWJWMM95o_eV6QEDnDPjcUGqjcL0n9MSNG20S23gf-g3tDmaolG_tFLfDlyxb2HoFjEKx3WxtP_R48E15-SpRT9jnss_s5ePN5RmEQwOr3k0ANRJggS9JbGic9bJ-yHwGfuN8dOZd4SBX3j_5SSs4-PQLel8sLzHpZn8kTOui-sViGJhTyYbbXinpa_VM_lKhda_uWd7rPMYq_ZkLpodkuJSh4ewpUg_WHotq3NRvPCO9ariprSZO2wt2ZrtI9t0ZoeYoQKOMcJlGf3rVmWGUOK5g0N-KAuVObjArcWFiYzWUKH7vy7qsC4pV-jATICfE5x1oVDArofyvUw6E0Yv6681pE7ARZDZMS2Gk_e91lD7E3ZfniM0&sai=AMfl-YROG-XJvE9LF5SN6OlEQrB7Mdilt9aN2lXxSbFhY0DwszAg8x9uzSBpneU-ixtO9pxRhQDa9LJMuk3gNdIR9d0WRVfg3nQr3gaLmdR8W7jKlkhPR8IJtfZ4AqC-Db6_rLEcLDofNtFqUlNdEDHh8TJxI80qtdN7h6FVMn6W5im84JZ9mySd4mD_9YVl_6ajgrMUc-llZz0_Z8wQTwPux709lOj75ehqZxzQ0qttC1XHAkPepsjtko37v6hlqoL4VnyN4p0Xdk8EwmrmihjL390_IpGpqbGxSIDI4BcMUg&sig=Cg0ArKJSzD1l07qibgtyEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=142&vt=11&dtpt=76&dett=3&cstd=64&cisv=r20231207.49878&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 4 KB
4 KB 3ms
3ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/2.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a101cec1294a2ccd468a17a0a29b5cdd7463aab33d99c348b7cf6e5f86f85063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 08:38:43 GMT
x-content-type-options: nosniff
age: 351579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4380
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 08:38:43 GMT

GET
H3 200 COPY.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 7 KB
7 KB 6ms
5ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/COPY.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c42ee2281367f446e5bf2789698ad1c32483669af9384abacb43029517555393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 08:38:43 GMT
x-content-type-options: nosniff
age: 351579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7627
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 08:38:43 GMT

GET
H3 200 BUY.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 3 KB
3 KB 10ms
9ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/BUY.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6901497ba9f5c0414d450dd763729dc3cd7aef945f77cf28fe7e42ed76545f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 08:38:43 GMT
x-content-type-options: nosniff
age: 351579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3199
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 08:38:43 GMT

GET
H3 200 Vector_Smart_Object.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 2 KB
2 KB 11ms
10ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/Vector_Smart_Object.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a0050b78fffb48df0b9845aaee9aeedfe0871e540633619710d8c9c601a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:48:31 GMT
x-content-type-options: nosniff
age: 221391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2401
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:48:31 GMT

GET
H3 200 BG.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 6 KB
6 KB 8ms
6ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/BG.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a16e447dbac1f308581f17e1b89a25b2043cb3b7674865358c8bbcfb839ab0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 08:38:43 GMT
x-content-type-options: nosniff
age: 351579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5739
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 08:38:43 GMT

GET
H3 200 PIC_2.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 17 KB
17 KB 9ms
8ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/PIC_2.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d22e8674996add266e802e3bbd788292e2b94866193047a2811ee27d86d46b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 08:38:43 GMT
x-content-type-options: nosniff
age: 351579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17196
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 08:38:43 GMT

GET
H3 200 PIC_1.png
s0.2mdn.net/sadbundle/9211617412276625233/ Frame A184 14 KB
14 KB 8ms
6ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9211617412276625233/PIC_1.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4727e445e47f5141bf5114c6d06666d91dc856e98f78cda08be077c51960a5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9211617412276625233/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:15 GMT
x-content-type-options: nosniff
age: 221527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:34:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:46:15 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
595 B 824ms
200ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.7865866599012119
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 10:18:23 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB09 0
20 B 47ms
47ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUb1SbjN4ZY-LKa-Rpt8PncmLgAIAAAAAOAHgBAI&bg=!6-il6KfNAAY3kmNgF5I7ADQBe5WfOHdDY7HqEc4aZOVw21pZktbWOLJA17xhVwFvX4XWsiPXJqejIIEbQ53DSbHViHARAgAAAG5SAAAAAmgBB5kDOkvnDNqsp9WVIgNbGNIaPIzIeM8Xoa3PCd6p47ffWjNNXjhq74_93-HhEDJQZFuWux0Kr0eqHYTc6fE3gmrkVWqonA9n_V6_xkB3o2BJzcqWPJGQQbSpZ6kFflG4PkKWDhUHP34oow3-NGUzWE93I8OBZFaYZR68b8QcMT-5rYVQ7IpH6VDphg7UZZ3vvHOXmRqwXBFgANH1neVdvfqTkalVNYMi9UJwAULXFM0F0nUQmTjDy3hCAe5WF5p-B5lJPwnq8WqkZNBcn8mxHxZrNvZzjS3JZ7hDblI-gpCvGefEHgpFxmAMNgEny_LxhG8Xx3kldbGfDXNCqUjrLKYRhzlg69MnC2uo3EDNhm8IPS-NaIADhphNmoJnlg5RARyPYHwU6ZT5r0aika8v3SvYNQX2XCNPaLHNM-mBXw6B_cYQrHcBvml9PICW8YY0F8S--Yp_MiHqj1yFy9Oy14pwj81dxteaczEQjcf0i74r5CA0q_2GK2PnhYbJ_8dgMANc5nwYg8uPPa9oDSAh4FGNBOs8tIFp4UffuYkpToXgdGL3sPEKUbRUS9dI5xTIn2r-udwAmX8BUEcMCNcmOaTyNVd3IK2tbNy89wXQ2Ub_exDLBl3mKdttkrsmOn9klwm_7YNqwUU0QvnrmfIcc0v4as6grEEEtr2FVcp3xSEKjLudnAMSNIs_DjtwdSm2Q-pELK3I6-SI1_fYWlhrqskex90qDBJeeq0nfNj8X3pLmIxihNzuuqVbbdyViHw7RSJ6WIhVjRyD-f-odYeKZg4BVYGmEKytiG4I4VMgyClWWwFeuMiPKLIWod7q72eBpbrScDYDmTtJgWKx9K_JzXzE4qSa9T9chuf3FvNdPy3fDtznRZkaFF6oteori-joL4nLbqVmgeV2n5seTRoEcEZO5FVevKGBiqwbEsh4uSfYMu4mHGBSsaGhZU_Xy9qS1EU3Tl6HQVFWojiQ_yeSlAIvUB9cZoAQtyiAkPDdChSAbc73OvTED3A65-x-aa8N7j3fTPh20SOXKVcOXcA6nduh21EaMjhmjSgbNwiv5-UJAbx3U14rmy7AAvkaUfTL5Nno1zcNPp1qNmsVADQ

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 0B34 37 B
409 B 78ms
77ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b8ddda03beeb8f92bb2a33bc873956dcb7601ef13f416c9912f953ebc122b391

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9588
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jFyFdnxpaTEzekNhSlN0aXltZDJUUjFaUkN0ZHFZekpaOFpsTkxnc0Uwc3JvVlk3WGRJU1F1MUQzaFgzK2hJU3hoMm9JVDUrTzRlc20xYzFlWFBvUEpNdDAvS3p3VFAvSTBCcU1pVTJTdU15c0t2S0xIRXVHdmh3aTlnS0...

431 B
653 B

233ms
76ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jFyFdnxpaTEzekNhSlN0aXltZDJUUjFaUkN0ZHFZekpaOFpsTkxnc0Uwc3JvVlk3WGRJU1F1MUQzaFgzK2hJU3hoMm9JVDUrTzRlc20xYzFlWFBvUEpNdDAvS3p3VFAvSTBCcU1pVTJTdU15c0t2S0xIRXVHdmh3aTlnS0IrVy9yS1BMakt0QUE0bjdHWjZqM0o0cWNuUGlMcjdaVi80cHR0UWtpTmxMV1ZhSk8ycjRxOE9rNWszSFRTLzZpd2JJbTFVM1UwVkJxa1J0TjF6WHVDVU9CSTc5WUJQR0lSZVgvbytNaE1kd3o0Nytnekw2bVcrU0E1cnpqdVZNZGtRQWxIOURVbHVNSlJnV0w2WE54YVNGRUc2Zmdmdz09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0c1d5335d48c1231012293aaa5a4c25e09f7503fb34e508e7fb4427a4e26286c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1309642
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jFyFdnxpaTEzekNhSlN0aXltZDJUUjFaUkN0ZHFZekpaOFpsTkxnc0Uwc3JvVlk3WGRJU1F1MUQzaFgzK2hJU3hoMm9JVDUrTzRlc20xYzFlWFBvUEpNdDAvS3p3VFAvSTBCcU1pVTJTdU15c0t2S0xIRXVHdmh3aTlnS0IrVy9yS1BMakt0QUE0bjdHWjZqM0o0cWNuUGlMcjdaVi80cHR0UWtpTmxMV1ZhSk8ycjRxOE9rNWszSFRTLzZpd2JJbTFVM1UwVkJxa1J0TjF6WHVDVU9CSTc5WUJQR0lSZVgvbytNaE1kd3o0Nytnekw2bVcrU0E1cnpqdVZNZGtRQWxIOURVbHVNSlJnV0w2WE54YVNGRUc2Zmdmdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 386205
content-length: 0
expires: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 0B34 202 KB
53 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 10:18:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8hTmTD0yxIkJ6JPr4/wbUIEJ/HJMCUvyigw5IyQH+8Qo1My2uRi/Ing3GU1FEtATYwCRuqFbdzyhbBxlj9ktHw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame BF10 202 KB
53 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 10:18:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8hTmTD0yxIkJ6JPr4/wbUIEJ/HJMCUvyigw5IyQH+8Qo1My2uRi/Ing3GU1FEtATYwCRuqFbdzyhbBxlj9ktHw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B585 42 B
64 B 94ms
47ms Fetch
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8eVxP2p9agr22shwJjyJldk8j7o69Xh-5xkCIbBOg3sH_wfho0SB4_DvpdKdMPmAlo-toFAaTHCO0vMTXuQPMwESl5UXWky9LepW6MTjxdQAJxQg9CImRS5RXHDgISADTsjHguXKJL5MeVSeEbvf3ilu6&sig=Cg0ArKJSzGVZRRK_m2o-EAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376302293&rpt=187&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 35FC 2 KB
1 KB 72ms
70ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=766&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&fp_uuid=2765-ac69bf05835fe423366c58eacb786977&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 85860504237da19e5fe0e00064ba0500bb820d783912adb6faa56af971a774c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 35FC 131 KB
42 KB 360ms
359ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Dec 2023 10:18:23 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 35FC 3 KB
4 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Tue, 12 Dec 2023 10:18:09 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 15
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: 9vHugpeSYXGhRDedjl2pt7C3Akt56k4_qsMMX9R1wiELnNRKm6szsg==

GET
H2 200 ucfunnel.js Show response
cdn.holmesmind.com/js/ Frame 35FC 2 KB
3 KB 40ms
39ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/ucfunnel.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 7FnOHKe__pwg0dVwIyTfAcdImUIZ6pwv
date: Tue, 12 Dec 2023 10:18:24 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 03:54:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "8ebabc4e0b1d40fe52514166c7db7048"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2166
x-amz-cf-id: 3qgpsDXaG7bDb8SWhHaljt5OQSfpotWuhe9lp9LEo-Xf333c6v2NMQ==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 673E 2 KB
1 KB 46ms
45ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=82&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&fp_uuid=2765-ac69bf05835fe423366c58eacb786977&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5d7dbac87791e59386c79498f6799af7f06a5cb355a08711877fff9fd46bf31e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 673E 3 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 30
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: ksjheuc0MdHPzUPfXdt00GM48Z-zYPeXVzn02esNuVltAMcYRW8BjQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 673E 131 KB
42 KB 190ms
189ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Dec 2023 10:18:23 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 673E 3 KB
4 KB 7ms
6ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 15
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: bFe_U0zBQzVy6YL-EnQZvblV0szVoSMX2yFybipJ1RqXJT9FWDZqQg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 673E 3 KB
4 KB 5ms
5ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Tue, 12 Dec 2023 10:17:45 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 39
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: rqPR2ujBzvxXUnPkOZ4ShiKwDHAc67bMd7bsmQea0aRxyx2kdXpmyQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 673E 3 KB
4 KB 7ms
6ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 22
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: jkfuRLTZKW_y09rdB8nCi-mUaBgtFiCL9_mGhXamhVPmGAFJn1LX8g==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 673E 5 KB
6 KB 6ms
5ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Tue, 12 Dec 2023 10:17:44 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: Ir5oAe5vvgJccnTgtYQ-ZkATZCYMzdynHByXpjzFU4mdeM1kZBGPhQ==

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 673E 2 KB
2 KB 383ms
78ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.017883364969792703
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 6da09922041317a5c21dbcc3edfc9c08996fd01e2e164960e1454bc10eeb58d6

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Tue, 12 Dec 2023 10:18:23 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 673E
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=D38PMy1yAsGXtXZkcDN4ZQ

2 B
160 B

42ms
42ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=D38PMy1yAsGXtXZkcDN4ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 12 Dec 2023 10:18:24 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=D38PMy1yAsGXtXZkcDN4ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 673E
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ

2 B
131 B

43ms
43ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 12 Dec 2023 10:18:24 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 673E 0
171 B 210ms
70ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 0B34 0
194 B 78ms
78ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=b081f490-404e-4339-93b0-c73e80dbd3a2

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net/ Frame 0B34 0
79 B 127ms
74ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net/pixel?bd=b081f490-404e-4339-93b0-c73e80dbd3a2&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 35FC 0
170 B 301ms
94ms XHR
text/plain 209.58.171.197
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=zh-TW&je=1&dnt=0&adid=ad-E2B6A4DA7838884AF9E83E64D69E36D&u=https%3A%2F%2Freurl.cc%2FgaOWLp&host=reurl.cc&w=300&h=250
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/ucfunnel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Tue, 12 Dec 2023 10:18:22 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 673E 13 KB
13 KB 4ms
4ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=82&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&fp_uuid=2765-ac69bf05835fe423366c58eacb786977&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 31
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: 8ZNVXYGfWMyBjn9BdmDFDIhWkb4awzm5II0Uj1kGr4SpQeA_tEZTyQ==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 35FC 13 KB
13 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=766&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&fp_uuid=2765-ac69bf05835fe423366c58eacb786977&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 31
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: 5bmswn2Y-DlWL4QFFvZ9ukl3ZmFHGEMsDzxlV0NXNK1Dw4gZ_OW1cQ==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E030 42 B
64 B 43ms
43ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK60PYtI_Nz4h71byH_swkJ7DROU7zPrMY2KAeAHa6YGeIYVXs_UIkoRUFotnBWbU2Lu9AvPRhR27MLtCxmswlfbOuQ_wqgow_-wuMNONF3tUG8LTAna8gTUCTGVCqrkzjw0kwFQ2EaYOOuBDJpLg224hL&sai=AMfl-YRdef9_kGVtG90x2VLCFbxSjhrJS_8RVCwjFmrueLOFIBgItdA9dNQeJ_Fi4hjg3WMVTTiEbcXnlCIS6UQExeATf8UJhXQEwJYehrUjDGv-7LHDJE1rnb-0ZXaxTLF-t7aBWZN-TXUl2WNCYs9CHg&sig=Cg0ArKJSzErgBKRvNoS0EAE&cid=CAQSTwAvHhf_XjCeBgCtKmadiCSUsNKd-8wclr0YYV3gs7wBqJqoJfkZCL5QJAcTTQ7blgZfQP4nmqXoKNnrEZmEdg35c0yjf_UGUppAvY0MZCsYAQ&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=300&tls=1300&g=100&h=100&tt=1300&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 35FC 5 KB
3 KB 75ms
74ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 12 Dec 2023 10:28:23 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 673E 5 KB
3 KB 75ms
74ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 12 Dec 2023 10:28:23 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 35FC 36 B
401 B 78ms
78ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

74687619d19b6aab5fb64d2a418337b20ca4332c3971bb34f55490d0a3c47552

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 673E 36 B
401 B 77ms
77ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

74687619d19b6aab5fb64d2a418337b20ca4332c3971bb34f55490d0a3c47552

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 673E 0
186 B 353ms
83ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aGlXZ2RqZUJQYmZqMHhjN2FpYmhRUW0lMkY5YiUyRkdRN1RyeU5DajBDd0hJZ3RpZk5Xa2lwVzQyR1Z3S3FGdjRwUFJNamliRkUxcHFGOFEyNzhHV012SmZ3TnJqNW1MSlMwNkhiQSUzRCUzRA&cb=69976748417

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E196 42 B
64 B 46ms
45ms Fetch
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUkR_6A_mL4L2pG0QQXpB_HFKHulwPbnSYkqnhFbkBknOi13KJNpRLmpthfOo-w-5Bg79qEKq1maDRsxfxWkO9Y_xzJqzxCVNpQXUJvX_q3rBHm_VVefyHYz-yMFjENG0H3AWtbp_o-MXszCyeAnHBzQFL&sai=AMfl-YTU06RvZ75Gszm8XWHw1BgOg5LYIRxpM9Go5yejGUB_JpFRKax5hQKt1EA4ndL4GWFdUaE6jpsXkIIUqWhh81bAyGjouKha1-yvgPEyL4SqakVqWNPvvUZTY0AFPrBpYRmLV1UF_5RS_R_CkcCQJw&sig=Cg0ArKJSzEbfXV70k262EAE&cid=CAQSTwAvHhf_XjCeBgCtKmadiCSUsNKd-8wclr0YYV3gs7wBqJqoJfkZCL5QJAcTTQ7blgZfQP4nmqXoKNnrEZmEdg35c0yjf_UGUppAvY0MZCsYAQ&id=lidar2&mcvt=1001&p=455,436,545,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376302333&rpt=492&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.832/ Frame A641 0
327 B 169ms
168ms Document
text/html 143.204.86.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702376304&level=0
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-119.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 10:18:23 GMT
server: nginx
via: 1.1 08eb3bf00a3ab2939539c3ee2ca61d84.cloudfront.net (CloudFront)
x-amz-cf-id: Vn2_kcWC2T8XQGT9BjFSnD-9bi5BY4tLCafaq3Eoe1PaB7VfAUTi3g==
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 35FC 30 B
271 B 77ms
77ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=b081f490-404e-4339-93b0-c73e80dbd3a2

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E196 0
20 B 43ms
43ms Ping
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5082355801828&version=m202309260101&ct=119&x=1&cor=16426952532691026000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 35FC 0
187 B 229ms
81ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A5BD 90 KB
29 KB 126ms
126ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee0333bac53e13791c2839cdf75c14fa96fe7e2e9c685763d472897f865e6571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29427
x-xss-protection: 0
server: cafe
etag: 222 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:24 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 35FC 0
186 B 74ms
73ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 35FC 43 B
365 B 146ms
145ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Dec 2024 10:18:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 35FC 43 B
365 B 146ms
145ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Dec 2024 10:18:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 673E 43 B
365 B 143ms
142ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Dec 2024 10:18:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 673E 43 B
365 B 144ms
143ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Dec 2024 10:18:24 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 673E 0
186 B 74ms
74ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 17D0 9 KB
10 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Tue, 12 Dec 2023 10:18:22 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 21
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: 8LzLxeneDag4TKa28h944x121t1cRIMTotS3pTXidvUgCQqUdqQ3UA==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1038 10 KB
10 KB 4ms
3ms Document
text/html 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 37
content-length: 9921
content-type: text/html
date: Tue, 12 Dec 2023 10:17:47 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
x-amz-cf-id: 72OAs8FV8-6K4z1NVX6XcIKJq1NHBKE5MKHKTQYjcxWKFzCRWhCRzQ==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 5108 11 KB
11 KB 4ms
4ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 2
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: 5YJyUbzOaU5LkflrmN5cLgKd6M7nljNhca786p8GXrdk7EAWuSorLQ==

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 1038 35 B
470 B 218ms
77ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 12 Dec 2023 10:18:24 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 1038 0
217 B 5ms
4ms Image
text/html 52.68.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame 1038 0
16 B 926ms
926ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 1038
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1

0
160 B

18ms
17ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2765-ac69bf05835fe423366c58eacb786977
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
x-guploader-uploadid: ABPtcPqffQS0WROpW8P1_SO92Jre33I4a1jsP-ZBrw6jM4dPJHVzgWZ7n6Oo9_B_1-zXIy0NRR5m3p3YFCRSgolNOn2NbQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Tue, 12 Dec 2023 11:18:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H&uu_m=undefined&google_gid=CAESEMxSlw719Ls1Gpm5rFAehVE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 5108 1 KB
659 B 8ms
7ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=13849
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b5150c2d8be008e41735325a2c448dbf3f9a67133b98c5d990c802649172869e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 5108 30 KB
30 KB 5ms
4ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Tue, 12 Dec 2023 10:17:44 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 48
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: FpW610Tw5Jjzd6OXWdM6IwQWJo0hqy8N41CE1hsu_-fNEHV00rYdXQ==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 5108 2 KB
1 KB 40ms
38ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=886&o=1&fc=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&d=1&b=2&ts=1&ii=2&FPCK=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&fp_uuid=2765-ac69bf05835fe423366c58eacb786977&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0b4244649c61b071c525cc539bc1f2b35dd800e6f3cf68c032fbcddd50d17655

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 5108 3 KB
3 KB 5ms
4ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 31
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: vgpia0ln_0ULJBUoeEX-DuYu0fr30tqvO3-lEDoi0jigI5RGIu9D5Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5108 131 KB
42 KB 163ms
162ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Dec 2023 10:18:24 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 5108 3 KB
4 KB 5ms
4ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 16
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: qzof2v-C2SBIG-7A-pRn35LncZR2z3AArVAuHZHt-kXDxlIOB-uQSg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 5108 3 KB
4 KB 5ms
5ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Tue, 12 Dec 2023 10:17:45 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 40
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: 8VfZnp86cPMn8KClADbEJo2I1EHD0qattY-s4p5SqySrrZpOWP4e7g==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 5108 3 KB
4 KB 6ms
5ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 23
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: c5xUFConXE53_VZ8VilN-JDJLWtTuXxUARtRu9E13fGjbOXMKMl3yA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 5108 5 KB
6 KB 38ms
38ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Tue, 12 Dec 2023 10:18:25 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: 7hSLlJhaxLH6twF2Q4PcLSSptf2I6BBu7VW0SxMyar7qyVyIBRwwMA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 5108 0
170 B 69ms
69ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:24 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 5108 2 KB
2 KB 89ms
89ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6975490860426314
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 5c1a0cc0660ca4a75c7818fa364ba338d0057590fbbfb8ece381c6a22d6b7c61

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Tue, 12 Dec 2023 10:18:23 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 5108
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ

2 B
20 B

42ms
41ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 12 Dec 2023 10:18:24 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 5108
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ

2 B
20 B

42ms
42ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 12 Dec 2023 10:18:24 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SsGr5q_FDcGpXhYGcDN4ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 5108 13 KB
13 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:2400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=886&o=1&fc=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&d=1&b=2&ts=1&ii=2&FPCK=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&fp_uuid=2765-ac69bf05835fe423366c58eacb786977&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:2400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Tue, 12 Dec 2023 10:18:23 GMT
via: 1.1 a484d4614a8f317edc7091a752692b40.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 32
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: Uq6V6BKP0QXUQDyHj8bTPpO1Qb7BKWwhwyQZkGeCl8kaUDPHxT4GDg==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 673E 0
187 B 79ms
78ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ&mp=b081f490-404e-4339-93b0-c73e80dbd3a2

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net/ Frame 673E 0
79 B 75ms
74ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net/pixel?bd=b081f490-404e-4339-93b0-c73e80dbd3a2&t=50ef57&referrer=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ Frame A5BD 431 KB
135 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37797
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A5BD 56 KB
14 KB 391ms
390ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2848844592521536&correlator=2154617062815477&eid=31079927%2C31080079%2C31080123%2C31079977&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Ddf42ae11c4e28d27%3AT%3D1702376301%3ART%3D1702376301%3AS%3DALNI_MZMN40TTD-lBk1zYS9HHmH2IvFO2g&gpic=UID%3D00000caa9a445f83%3AT%3D1702376301%3ART%3D1702376301%3AS%3DALNI_MZ-BBlJ8lvXO48CFINLEFfIrYKZKQ&abxe=1&dt=1702376304345&lmt=1702376304&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=ls2vprvha9hj&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=197797429.1702376302&ga_sid=1702376304&ga_hid=721724922&ga_fc=true&dlt=1702376304170&idt=167&adks=3360245792&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

730863af2f42f8b0a58a1d0297a6b09f8b96e34cb36f023d3ba539644f26ed58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13971
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A5BD 16 KB
12 KB 56ms
56ms XHR
application/json 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6aa42439d6acdb1b8c427de1e4cdea34f4c0053544b956c43c554d7c53c14b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12396
x-xss-protection: 0

GET
H2 200 container.html Show response
ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B82E 6 KB
3 KB 119ms
39ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:24 GMT
expires: Wed, 11 Dec 2024 10:18:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A5BD 17 KB
6 KB 81ms
80ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 10:18:24 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5108 0
186 B 151ms
150ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 5108 5 KB
3 KB 75ms
74ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 12 Dec 2023 10:28:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80C3 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 37794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 23:48:30 GMT
expires: Tue, 10 Dec 2024 23:48:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BF8B 829 B
559 B 39ms
39ms Document
text/html 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8eb65a15bd7e425911056fc9d4e8094ebc85a20ea1cbff1b9840a4f00fb06a07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nIcCzvxcHnAInkqSfAoPAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nIcCzvxcHnAInkqSfAoPAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:24 GMT
expires: Tue, 12 Dec 2023 10:18:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 5108 36 B
401 B 77ms
77ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

74687619d19b6aab5fb64d2a418337b20ca4332c3971bb34f55490d0a3c47552

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 80C3 39 KB
15 KB 9ms
9ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:09:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BF8B 0
0 46ms
46ms Image
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=2848844592521536&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5108 0
186 B 74ms
74ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5108 43 B
365 B 146ms
145ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Dec 2024 10:18:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 5108 43 B
365 B 152ms
152ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Dec 2024 10:18:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 80C3 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GQ9q0A
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 6C3B 196 KB
55 KB 4ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:55:11 GMT
age: 411793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:55:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6C3B 15 KB
5 KB 6ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 23:54:31 GMT
age: 37433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 23:54:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6C3B 95 KB
28 KB 7ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 18:34:10 GMT
age: 315854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 18:34:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6C3B 5 KB
2 KB 8ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 19:42:08 GMT
age: 484576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Dec 2024 19:42:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6C3B 40 KB
13 KB 9ms
8ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:58:35 GMT
age: 411589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:58:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C3B 1 KB
517 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%9ET%E3%80%81%E4%BC%9A%E3%82%88%E3%82%B5%E3%83%AB%E3%81%A6%E3%81%8BG%E3%83%895%E7%9B%8A%E3%81%84%E6%96%99%E7%84%A1%E3%82%B9I%E6%8B%A1%E5%A4%A7%E3%81%86%E3%82%BB%E3%83%841%E9%81%B8%E3%82%AB%E6%A9%9F%E3%83%B3%E3%83%BC%E3%81%AE%E3%82%92%E3%82%BF%E3%83%88E%E3%83%AC%E3%81%A7%E3%82%82%E5%8F%8E%E3%82%AF%E9%80%83%E3%82%8B%E3%81%97%EF%BC%9F

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fc703e8cd2b090a02c3d790930dcc1684f805293150f200ed18ac81df35a88e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 10:18:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 10:18:24 GMT

GET
H3 200 zh_tw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6C3B 3 KB
3 KB 8ms
7ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw_bl.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:40 GMT
x-content-type-options: nosniff
server: cafe
age: 37784
etag: 4870481765684750750
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3412
x-xss-protection: 0
expires: Tue, 12 Dec 2023 23:48:40 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6C3B 344 B
368 B 8ms
7ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options: nosniff
server: cafe
age: 52527
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 12 Dec 2023 19:42:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C3B 0
0 36ms
35ms Image
text/html 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRo4ms5gMU4BL_yo52LjQMHi4j4AZ4--xlH37FIeVmESoiwhSF0yJbpqgHFX8-w4IXFPuPwfiPFDFz9xGLosYupFFYTUQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6C3B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6C3B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c934279a5712a2eac721aa250ced8a0612804fe7b020c8939e581b34ad0c1f1

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 6C3B 25 KB
25 KB 3ms
2ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqc02ZQwq1cQDrgTnhzUle-PiMW6l3nyUTMt7-RxI_PW5ihYCLtoVzkPL7pgjrq3nBB3KgqOh4wIlJFscMQ0KahQJAhjbh59DrN53ll-_R__w7Muv4IoI8Fx55pYSZTNsF_o9pO7L7xNH0ggGlARzdnrdMCratLDNL1udNhdbq_ft4YsJZ6rHZDBEchBj6HoGZDn91CtILW6w&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%9ET%E3%80%81%E4%BC%9A%E3%82%88%E3%82%B5%E3%83%AB%E3%81%A6%E3%81%8BG%E3%83%895%E7%9B%8A%E3%81%84%E6%96%99%E7%84%A1%E3%82%B9I%E6%8B%A1%E5%A4%A7%E3%81%86%E3%82%BB%E3%83%841%E9%81%B8%E3%82%AB%E6%A9%9F%E3%83%B3%E3%83%BC%E3%81%AE%E3%82%92%E3%82%BF%E3%83%88E%E3%83%AC%E3%81%A7%E3%82%82%E5%8F%8E%E3%82%AF%E9%80%83%E3%82%8B%E3%81%97%EF%BC%9F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85471e5e51bc58825f357a0ecfdbf31b107bd12b5b9e994901b41865c69458d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:20:25 GMT
x-content-type-options: nosniff
age: 28679
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25276
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Dec 2023 02:20:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6C3B 0
0 46ms
46ms Image
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CG635cDN4ZZTYGOmXid4PrYG3uAKa8-fUdLCv_dK4EmQQASDSzIEaYInzxYT0E6AB69WC-APIAQGpAjJga2BLfj0-4AIAqAMByAMKqgTCAk_QTlDMonMlMzriN6EUjnGQ07YOjDBDvuOZLZ7FjCK27Oc1-FLYvp8p4JvIbmqlCPManZn5H-gkZPNUqcyErOGVp-yOTdieWvxYboowvMqIQxBhpzXRRg150tPV0DX0TMXLzw-_C9h6RZSSmQfQKUEpmamoarbbMy48NAyMcYZMte6s_8MasJoKOkkMvSLdao8_YHhY8LZZRYm5B8MpfUpqCXqMSRF-d_h3atA2F1jePc1yD3LEUkfg_ReW8Gzc_g712WuFUZNJnF_BoULa1P4uBL7tYIoDRyFEQ5YbncTTu8oswRjdrUluBjcy6Z1ZNRn9at7xgHssvXw0rBoVNR7gne12tLdFVimcr9pl8g4IFmj4IdnyBCZwIaZ9YhWTYGueNJ_GoPGxcW4Ob8AaKebA5cLookwTz_MK3YXSNiRAAdLABI_lm8TTBOAEAYgFodvdp02SBQQIBBgBkgUECAUYBIAH_an9B6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIPwFNIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY_I-W99WJgwOaCXtodHRwczovL2xwLml0LXRyZW5kLmpwL2N1c3RvbWVyX3N1Y2Nlc3NfdG9vbF9jb21wYXJpc29uX2NsYWltXzg5Mz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249cmV0YXJnZXRpbmeACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtoMEAoKEMCr4vzcgL-eJhICAQPiDRMI68KW99WJgwMV6UvCBR2twA0n2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=vwTB9QMeNrQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_AUpt44Br4DpA3M_QvuCNGgWySh4WicNrDgw7n-YbK-Jq1GkjOXquWVvCiQSRqhHxVqFEpwkP5hgB&template_id=5028&cbvp=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0315 90 KB
29 KB 89ms
88ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c74d53b61eaafbecdd2b1e7d139628699d7f5637d88bf4b87ed1f73f28f1f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29427
x-xss-protection: 0
server: cafe
etag: 208 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:24 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ Frame 0315 431 KB
135 KB 3ms
3ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37798
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0315 33 KB
15 KB 465ms
464ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2854529434358115&correlator=4255025746739022&eid=31077976%2C31079977&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13848-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Ddf42ae11c4e28d27%3AT%3D1702376301%3ART%3D1702376301%3AS%3DALNI_MZMN40TTD-lBk1zYS9HHmH2IvFO2g&gpic=UID%3D00000caa9a445f83%3AT%3D1702376301%3ART%3D1702376301%3AS%3DALNI_MZ-BBlJ8lvXO48CFINLEFfIrYKZKQ&abxe=1&dt=1702376305077&lmt=1702376305&adxs=1030&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=o9m047yhpm4a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=5&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=197797429.1702376302&ga_sid=1702376305&ga_hid=516975677&ga_fc=true&dlt=1702376304910&idt=157&adks=2033195636&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba19c4add3cf65d9545c4af3d45a258c6b1a74ad50303595286e93b868dbe88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14974
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0315 16 KB
12 KB 67ms
66ms XHR
application/json 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af371a51c66d9ea95923d3c614a5206fd247939e4aed97e2be28432fa6ab515e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12184
x-xss-protection: 0

GET
H2 200 container.html Show response
5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3474 6 KB
3 KB 102ms
42ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:25 GMT
expires: Wed, 11 Dec 2024 10:18:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A5BD 0
0 48ms
47ms Image
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=2848844592521536&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOE4bURZLo1VmxotoH0gWS7Jo1BqE-b8-nKqJqBE6n583QhUSK_ynbizRXEiPBMXUAgAAAEtSAAAAA2gBB5kDG5MCYDEc48oZiBuKovpI9Xe65suP0yqEAj8V4JJLrlSyskF0a8e5ao8LAe5gFWS2lcmfpL8tqQ9HLL78HqYKIIIXMz8mnjiyEYjNRgpAzBoeiojSjoJdxQCc9pagg10v9vufgxjqtU2RtVMCV29yNcC3cDQLzjtwSHemNx2WES42zQH2hA_lNpZ8RozVN93fBrSwgcsZEu0SXa45T89Op6oCZLLcTZu4FRKYoH2z-tUE93cGe_O_5kD_SqJ7i6pl6lqDIgjjEv3uaBrm9dEqyxSPoEIxKYmwZnQBkScsyXiRblBt0YyFf7OHkb8gWD6TFtFIiBwXJUdx0614zTrxx0kLdUd_W_0Tzi4EA_foMV1BgXz4Hil3hEiI269ml1-Uqi1OlXmUH-DsHrPYvMxn6AokFBjsmDyIJ5OtXMwEdbAfuL_VXxzOHLvc1Rn-kK2t3cEyIoBnNLiZdQ7aAn8vb0TevDvnp0RqYkuG4FPAsDHQIfp7zR11lN0WG7BQVlmBoA5iFaNmZJ0xJFO5_WvT0EG2nfBTNIW2_88PEVkSB4iKdvftUbYMf-jUapRyCfTU5MIBllZATR5xprrQGbBeZiIgeHVCCquJR3szNkBsppLAl41P90uLgOz7C0x7x3_cEAYxZKRlhvECXj8YSDa5xGcHjxmGQAQSK0m9-1CDwHb1S_84Rylv9bseYK7uxNehwNBrACg6sgj24Yt5VNuihomJypLwt_74n_UTt1fqEAF3NqSD4PMmM-gSLjjoBR_ZmcqwIBK75BEmFQixGLuAS9fko8CV8AgIML9qJ0kn2cFGK39tQz0n-JCmRNMInOKadsj60Q_fE4RmxhMEHcKJlvhAFbkZ-JEx_Ze_vt3Am28NRxZggdTkoesXqhu23uHyfkUqGaEE29VOzCMG50ttmodX9tyEMTSofkjSA9GtDxxqK7G2Nkl31AFlAUQDiWmS9Q4SEhcJEPnWSFHnfQvB3cJhje-TpG1JDxH13AtUNbn80fcngVXRqM43BvefI6aQDZd6tahLpIulKHn2pMSVq3jRRA9pwR5angYqmA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0315 17 KB
6 KB 103ms
103ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 10:18:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2DB0 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 37795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 23:48:30 GMT
expires: Tue, 10 Dec 2024 23:48:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32F6 829 B
559 B 41ms
41ms Document
text/html 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9d9e361051bd03c3a9a77b5074a74a925182b0e0ac02abee63e838b305311bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s5ijQxaxSXP8aIIltBy1-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s5ijQxaxSXP8aIIltBy1-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:25 GMT
expires: Tue, 12 Dec 2023 10:18:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DB0 39 KB
15 KB 11ms
11ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:09:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32F6 0
0 43ms
42ms Image
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=2854529434358115&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2DB0 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2Lp0IA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFC8 6 KB
3 KB 4ms
3ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:25 GMT
expires: Wed, 11 Dec 2024 10:18:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 065B 611 B
263 B 50ms
48ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIY58LR6QEwAQ&v=APEucNX4PnaZACsYjpXU3SfUn8PXhjIqnU7mgt1IgDZUF29AzcGl1EqZcRGASuc97blF5vl7TgMdKs2bAuJoQ09M7b00aa2QQg

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BFC8 89 KB
31 KB 211ms
211ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFC8 42 B
63 B 45ms
44ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DRATD0pu_Y_i-21X_9ZfJ2tMp0_3g_XyzBxf-eEPVqK2RwiOhpJW4vNuI9ak8rOgLqBav4AqlVi3MasaKZdsxmLTujEw6A04A7wCnwWtnqtTkgYdE

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame BFC8 2 KB
1 KB 102ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158936&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0gYy0tL6hi5s_WA7xuafSjP&c1=3060631&auorder=1011537657&aulitem=19996375854&aucrtv=489972071&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 10:18:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 13 Dec 2023 10:18:25 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame BFC8 9 KB
4 KB 103ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0gYy0tL6hi5s_WA7xuafSjP&c1=3060631&auorder=1011537657&aulitem=19996375854&aucrtv=489972071&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 432d901ea96ac3be844f2f177043fa0818e22ab8c8127939e2e86a919ae61102

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 10:18:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2023 14:41:17 GMT
Server: UploadServer
ETag: "ed633b78dfd798bb1b399c8dff548cc7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Tue, 12 Dec 2023 10:33:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BFC8 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:53:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BFC8 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:53:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BFC8 0
0 41ms
40ms Image
text/html 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCQjZQyMXz9Ct61IQ3PNs3Mn-Hmypc8N2PbB9S1UQoZqxl8aTYdy63EkHZ8XEZ2-tretfqBZtnmuiqDVVSNPh0aZ3VjQ
Requested by: Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFC8 203 KB
64 KB 58ms
57ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:18:25 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 065B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENVQFcj59CfvmUSGvJ0PwFU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENVQFcj59CfvmUSGvJ0PwFU%26google_cver%3D1

43 B
891 B

71ms
71ms

Image
image/gif

103.43.90.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENVQFcj59CfvmUSGvJ0PwFU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIY58LR6QEwAQ&v=APEucNX4PnaZACsYjpXU3SfUn8PXhjIqnU7mgt1IgDZUF29AzcGl1EqZcRGASuc97blF5vl7TgMdKs2bAuJoQ09M7b00aa2QQg

Protocol

Server

103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
an-x-request-uuid: d30c2875-8030-4aac-ada9-61dc6d8a8a33
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.172; 31.204.145.172; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
an-x-request-uuid: 64c83b97-f334-4fc4-a614-de1aa6ddeb18
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENVQFcj59CfvmUSGvJ0PwFU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.145.172; 31.204.145.172; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 065B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1NDQwNDYxNjcyMTQ3NTgwNg%3D%3D

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1NDQwNDYxNjcyMTQ3NTgwNg%3D%3D

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
an-x-request-uuid: 14191540-02f3-4d4e-b5a8-35cc30a20f06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1NDQwNDYxNjcyMTQ3NTgwNg%3D%3D
x-proxy-origin: 31.204.145.172; 31.204.145.172; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 065B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1

43 B
61 B

41ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIY58LR6QEwAQ&v=APEucNX4PnaZACsYjpXU3SfUn8PXhjIqnU7mgt1IgDZUF29AzcGl1EqZcRGASuc97blF5vl7TgMdKs2bAuJoQ09M7b00aa2QQg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrd-FOcTM2cd_7K8D_IK5M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 065B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTlmYWZlMTgtZWRiOS0yOGQ5LWY5YzQtMTJmYWVmZWIwODI1

170 B
188 B

44ms
43ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTlmYWZlMTgtZWRiOS0yOGQ5LWY5YzQtMTJmYWVmZWIwODI1

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTlmYWZlMTgtZWRiOS0yOGQ5LWY5YzQtMTJmYWVmZWIwODI1
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6C3B 42 B
64 B 49ms
48ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9eJNgGbKytPFKgv9uklNUux9mD_g4xvZ_lQfNvxIPA5RrACf_jrL09dYodVv4kPHMWuKnldRt82KYfO9e0JAuwPC9XCxpwvSvPsnnB113w3JhbEVgjnE9lbAAB_07P7bxiy6O27_x90kFg5J3v0U7M1r4&sai=AMfl-YSU99cGWEQFImKqQT2GRA_I7gFkTBkWznMeWHn57A9D4gpVyAq7LFCyYz2_TIe8ONSGxDo6gCeYj9k1Bc2K5aUX2NDEEbg2cAPNNp-0hS25FBF9jKip1eJ03BFu&sig=Cg0ArKJSzOQnpwHrxo1HEAE&cid=CAQSPAAvHhf_AUpt44Br4DpA3M_QvuCNGgWySh4WicNrDgw7n-YbK-Jq1GkjOXquWVvCiQSRqhHxVqFEpwkP5hgB&id=ampim&o=650,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=52&tls=1052&g=100&h=100&tt=1052&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFC8 0
20 B 46ms
46ms Ping
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9538349366357&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFC8 0
20 B 45ms
45ms Ping
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9538349366357&version=m202309260101&ct=77&x=1&cor=17870782815235324000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BFC8 20 KB
13 KB 79ms
79ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYjGSvJPZp-hjGYlXklQdULk7O1S3T__wIt0kLkVFRCZBqeg85CENU4BX4rccCAw54yGiPaHLN-1QVliKV6QxuqH59xUU3dwGIk2zXh6nw65f5DDdsjtIZ2goiJrco04uqYi7n82RXsu5KPAodNOfVAUKaJFpYiwl4KvoSeUIuiXalQIk&cry=1&dbm_d=AKAmf-BoD8NENAeO04ZBB1Akzw--57L0ztwpCzjg8ppm4elRqxhcvvqyT76Xni-1OIZ4rxYGyl2UQZtAS2KLodse6wXu01jwxgcgijPnpeRrD2hlZCdPnNOnwdV27LGYSKv2ds70nb85nl5zEtNx8GSkfodsfyBmrp_OFTfVEUlHjAWdNari4YRWzvPIItac-nn_y0zVo2nlLcYL0gWRKxEsWeMq1sBjCJSDV1kFaR-k2Jj00VA9V6jsSPmACM9Z9Afh8xadcAHsQpUSb1jMhpEDQnHqUMLjKV0Jf4vUH5wu9bVVfj8avlWVhA5iuG6YBNCw8Uj3EVenrOx3GokVydkznCaRnugCt423Kq9GfW1KL9z5xlpcF6aNBkz76MqFmRxt2BvzbjE2Gg66sjQCt8PwOnTetW13YlPOHo8bgf9IA0YVx8SXRKodmPWDIOyCtWAhJMd4nxtQXttS1F8qndAZnEeSu0JSwqsjtPJghAoRKv-3rPiNvVXegS5fnKBmp7seo4wh6lL4BBqAjYQUTP89ZVJWIG0FHeqWS7g2L61Q9FS-avr0MXAU6EMyoFERI7qPV5Y0NSxo1WSqkNr0lUViMAHBc1SyqGApzv40weXzVsD9ZyIVyFLc8WFAEzQ_2_szt-pAPH9D2p6JazTv2wn-Y1j4sfO26oLeBGf-VU6BN_BXN0e7qHJjcZaYIarEw2pNp9mxLQgUmSIw64SRQeOyyiJNkrgHcwXe1ljWxvF15coXGT2c2DpCOUl7eU6JonZ6a5m_07Z52LNlqasgNrBYM0uAqZmOrb8_eZIkm6Xl4glMBRRky94F2zPTlhMrwGEqd8ahR6dsFB-XGBjscE2jkZG6fpXFzuXzN6V-pSnNUFE9-p8s5f5lfOhKOMcuXBRe0L-kXGKsIr9IGl7n_uylZq5HdcVJvGWrsp3XNmgiS4w101jECsAJ8ufB53VnxCw28Z83Q8mvNa3Pcz2uZLq7CLoQOBYXRF4buDHjXw6-gZTmjl_osI3ZU6y1bIo7Dwn3SLpM3k_eDS0KiHr2RSzIQsBBnd-wg4LM8QyZ2gwaz7AZsX08_tu4NRBQht9BK1eJDS5HZ7xv4RLGcO6okfdiLvz4YtMbLBkWQzW-Boz66ddXXU3cMFdzsyGv2KH0Kb4kywWuYKX3lKYA9D7au29p5OwwCUz656J7NaqEuEWQM-d4Hsjk-wN0MguLpxvAsMqKDnlUc15DH8Lhi4e5NYisuYNCyPrrFRxkRYT0Y956L0lYFWNsPpo3-V7ELxHiTUqY7mhhrDH77r0rywjEN4s0c_9pjIEf_usGdME8K-9Q-ABxTu_nQolHUpJa5RW0KKxAELH8GXzV0oeaXVAl9dKkjRL0trzXx6Vtx_fX7bJOrJ9pJzkYYF_AZbrC40xqvBjjwVzP4ZjZAnX_REv0kmhhRn0oKgUvT4VL-12jLCebiaLidWrT0Ap7XkrZo9WnZhQPfwZtdbpfktoDATdZgdMYQpkqcV2nFe4pJ_DJs9iKPOQpTbYoIyLi_8NrsjIf5gyXURChyrsQ2E3hODSG3GV_ZpD8Dwh12Kmte9uOt8JQAAh7VllRuiTbeaQaAfrqMfgNl1Djh9GFS7S0EvAZeKnpQ0cir271AsTP6TndjGp5P44UNPVbhsZTp80iVLNA4fj99NmNUxVfVLBDgrINrKCX1qjBIMrYY-T5jFrNTiaIQ_rwujWd9AFazKliAWzU4P3J6UsaFMU5DGlOuOqA_vTQ10R_76yG0itBR2M8vSXQE1KK__6OK77EPyq7_TDHzbnzqz5G84TxZbdy94SaWxRi1_LKCCNjQk7rTgYrHZyFF0QsDA_i299gXre4z7daRvDCt6wtvld5kAAxS0xlvxw376S5mE9jzJIeOOxz3T60nvpisJLdZs7_1INouJ2m4xS-Ku3QL3b2S3-VaIs30jJVda-ihe3UUZ2ftG5ZqXli-EPcTkR6kzcW_XpwrJj-C5Hh8Y--7j8yYDhDA6vEI7sDmAu28Oa1D3oiZ3FkRiO5pr37Y3GqWJZZp2MwUWmHrPfY0gA2iN2Y-DK9KOPb5U-mAfrVSqIvnrf1-hbuQBl3UjUrE0TkEltw1SDve5q6BoAOKGmpt7mK0kBwf_jHSSXQi48HVIv08C-pAAUhOKJcM5q8iKn93XhrfHAE8WejWmjnRSDXsXwcS2V1lgGdRYh59iY-wcoSQnICTWtViSJGzDF60vGxwysYM_t3kJwlYTMw4a5vJFjz3ez1visEScuNwggyF_uGdEf7zrCDxi5E3SkXNg2xq5gZR7PMKoSSqLVjptG6J-8jqyFyYEWWWcfYrG3pkbe36GuNYHfVCYSYu8jrCfyuFfgdOBSmAHWO_lYOphcJgj3BQZkiL96d-mzIHyLqWnuDlPpAncOJrVE5IpfMk0eiQ9MejmVhALWXiWSaD6qp90STRplnQtpYiH91NmRH4PGNZutkcIFMM8E8ny-xEMLRutNSBTsQcuPr-IpqnIZVcjpFIPzi6lp3vCmgvWGtpdP4ijpLrqV4FUT2fq691shb3Ar59YU70SVfwbeEvRBXJvDvPuQ2-LILpq07Ka7eseOMMqqtT54tt-XHRjKqHRBSBbudgW7VjKqJfSC2RPqQX1ZKzQuRKOFnajYaNIa3boN3EbrFHkmj_zV_LYs9D0auvT-ApVoEpF84o_Q1i4SZulvD69Z-ubvTzCJQL3kuRXshyfgjKlkbPe8gFkZee0iSEp2XIxKey-pMbrIcqH8DY7iDxUn_YT8zKpDskFuEN0TJbppbJ1SDJYQRASp6nnQcR0FxK6CiqLy6nQD9SWd7hkh9vkv7rYUNMnsl1yzkeSA3gABDvQAlpdE17wh0-BIoThROWGivcy5vZ6CT6gIKd8CmkSTMAv_c0iaUMWVcY4vyi92BpAxFPVh3PikMiTzVd4s3DkgmeC9m3jrodg90DC-tZBqsoO1T9zwLXiVg5-r3KKY5-A26hZw9Z0ZJXFeI4EJzmRJ3n8vWeqsthzDfcVEW_Jcn_VQoznyF4SWVtqwlVHSEjUOZ1CXjY6AxHmXKqP7rsdKwl2TXVrIeBUx4gnfR5QRcAQ74NVxsNDSJWPI3Be7yXqZwcH0xrOZyympsbeWswYxmD2BebAzLcF5bfnqCGrTKTWPErvGYlJxILmkfwEkrhe7DfDCq7t-xesMjwpBOdSRsUGV5RuDBF5Oyxxi70oRgNYze1zQwMOUO5-sbopM6j4rh14p5xflH2QqLzcA2OdxqG8P8kSX-xbdpcIguLaU8Mt7DKs5RQ5fqjjFxmXZOeGxW93RxSBB1ikwjQaF9QU7sseUUM-lRE3g4-V7vmD_YptgNs_1WwWl_tr2BdY-rGXGbGdlckjalH0QWShO3fc224OD3OpNOXdkMurjB-sLsflEwXKMSJQWy6q0Aqeq_1zdKxP8JaNeF3vfuhHOINrxh5E2inRdozkWOaHDupiSub5XYZ_8__HcWnMrnoIfkEOkcbehhnbxyITUlhYG9omMiQQiBgJjjY4LerF1x4NOSvTDy-eLFh1iWXQgi1XKsvzE6IIDEcFlNGfUl3rb98gTPnALhPahYcQWVpjESumi1FxevNit7JA2pIA6rg9Px71GU8do5-Lnb26ogL_xo0_DUUUtnOMlAoaT5hC0u8Im-IGvIQ3RA_GB4hfyCxHJmA3_HSEKoGSush_0Ibkze6Y_KKHhOJm6-lFhNzwSPKOJMrcLAW-bpNiNSC2y3Z53RcmfL4tPhr_jJ2P7QADXb3waUdPpHjo4pTGDBXXcosgOvg0bG9-jYyP5CJR3irG7zHAoHSrPVBpzNHuZl1xUKH1I-RapE4kCPpB7JfphGe1ry8zhJMExvQyOgORoZ1oNxJkjsFhCFYle97IEPwFCGChEgT0I_cAPeYh0Sk83q67DmZ7QKxcnHj73eDFaA86PHjbweC1SO3zuU4cHLBEfrZo06QYGCCANkSfmCAs2ELAV0WjBiRa9UwUWjpu4Eo-6OHrDljptnQO8HqDgFnTgNJ5EJ8xI__tJwZF5nDER0U6knoijmgYajXOusVl0iGF1M8ChUxK1Ij-1HGBf5VCFQR3O_p1rZq5Cxo09rCYAtXYdNI-6FMBZ5292OZLpFnFflXGPKKGwJm2KEryEP7vuf0H1oc_9bW9_co9niarT1zPQYc-Mzia-CvLTd12KebLMC0Lx4gyMvJuo2tPGm4ePVSHS2nCobH38aZptzQuX2HbKO7FJ1-2nM9Q58wD1d6A&cid=CAQSPAAvHhf_zvxKp59EB4v7p7ACj8Qt6URM8uC5iWMU5Q65zyum_cbTVbpKrR2DRRqpEa3rELKufX9C1c63ChgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=17870782815235324000&adk=1409856385&idt=216&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bacb069d5133f9f5a54d6f82725068ab0a34f860a1d195036769fdae208bb736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13742
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0315 0
0 43ms
43ms Image
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=2854529434358115&bg=!bW6lbiHNAAY3kmNgF5I7ADQBe5WfOLqc1UZpXtQJVWNeZvFWg-ZyftySYsDXuR7UwWbtDaK2f8XDo02PRKEGcNe_hvOBAgAAAEhSAAAAAmgBB5kDNhKGc6t3wPQm2D-zdRWX1tM-AGvbgaj0ZHasDVi0PVvZxeQPa8YB5aGbU4QyTMKKqpANj9H4fBCPooE8nN0x_XEhfFFTzxsSzqQgLbAj8PHnE7-vCLY2OEAUNbn1Huh8Ze7vmmKnNpq9qpD0nmbZ8HlVFi0XBIvRqmUA2g13-mSdHh_6vUJW8D4bzLZrBYdFXOM85XXh0G2PaQunZCEJHlRzxw_Ighy3Xhkea7v0SZ_L_wtP75goZsvOv3KTV4sSjSrorTdxG_dYSeB_PZKnRebWoj0E_rAmBXh7qQ6wtsbhsYv5T4R-FSbw7DOmGMip0rvjGaD1SC9KA15e3sx4rINWMsbdvYrFGuol0BQzSeW9ozzzE4wHr-1Vudu9Eq3r4GS-Hp-uRX5OZTGbPqRahDg_QjD1QnCM5KmasyNPX1Us_JnihF2nvqtW4yLoUlnC2HDV8w_Igqdmb709B174ENRVWoe4kXJUIeoMqhxBNd5ddjXcRSYef-zDVl0P87O5X23XmtlsFl5k4R1K-BFUfP3qZiP7DQPhTAsGSN8Bi1jwhPLecZTO78LXv-vXySji4uf3Mg8djdVwTl6PLGt7SOkHnNnZGNaa00CNPeJvJjIbHFmCHkxVgFFVS_CP-7y8q--CegrhMYjAIr16OS30P9yCUP88s4GBQ_MzYze_ufJqGheFYTdiPEDpIbCBtSNWyg-JMbplW5V31Lu03hbQluqkQHPbwJNYXt55_y-8XLkORAu7PKR8IOWUjjspInk3Lm9YjzyQaAUCPyYa7dy594rYcruPHPQHBuThznfyUoZt1ERp4VNaIVHsMvmYPlCeI0CjmEV2yNolc1TBF258X2i-jUjSV3-gxgPewFb-RhPWUSfkbwpbnqcDtEiEwdyFApXxcPcGa2AaZdD4UE-TtPIhOCreluX-idIbtLvXhcmR5b935uw3Er5U3R8ez9WzQVOhJvfWtHdUlnanEwG9jFWNQV_hwD1_cwNRkrTMVlz0mtXPGJJJJggjL_eC8eje_wOk-KDIzzR9gOEKhoyNMY3_wYXy-6nfkXdaDYSF6xNGeuueDy6zo_oj1yC10ghhTjgSIUTMLw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BFC8 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYjGSvJPZp-hjGYlXklQdULk7O1S3T__wIt0kLkVFRCZBqeg85CENU4BX4rccCAw54yGiPaHLN-1QVliKV6QxuqH59xUU3dwGIk2zXh6nw65f5DDdsjtIZ2goiJrco04uqYi7n82RXsu5KPAodNOfVAUKaJFpYiwl4KvoSeUIuiXalQIk&cry=1&dbm_d=AKAmf-BoD8NENAeO04ZBB1Akzw--57L0ztwpCzjg8ppm4elRqxhcvvqyT76Xni-1OIZ4rxYGyl2UQZtAS2KLodse6wXu01jwxgcgijPnpeRrD2hlZCdPnNOnwdV27LGYSKv2ds70nb85nl5zEtNx8GSkfodsfyBmrp_OFTfVEUlHjAWdNari4YRWzvPIItac-nn_y0zVo2nlLcYL0gWRKxEsWeMq1sBjCJSDV1kFaR-k2Jj00VA9V6jsSPmACM9Z9Afh8xadcAHsQpUSb1jMhpEDQnHqUMLjKV0Jf4vUH5wu9bVVfj8avlWVhA5iuG6YBNCw8Uj3EVenrOx3GokVydkznCaRnugCt423Kq9GfW1KL9z5xlpcF6aNBkz76MqFmRxt2BvzbjE2Gg66sjQCt8PwOnTetW13YlPOHo8bgf9IA0YVx8SXRKodmPWDIOyCtWAhJMd4nxtQXttS1F8qndAZnEeSu0JSwqsjtPJghAoRKv-3rPiNvVXegS5fnKBmp7seo4wh6lL4BBqAjYQUTP89ZVJWIG0FHeqWS7g2L61Q9FS-avr0MXAU6EMyoFERI7qPV5Y0NSxo1WSqkNr0lUViMAHBc1SyqGApzv40weXzVsD9ZyIVyFLc8WFAEzQ_2_szt-pAPH9D2p6JazTv2wn-Y1j4sfO26oLeBGf-VU6BN_BXN0e7qHJjcZaYIarEw2pNp9mxLQgUmSIw64SRQeOyyiJNkrgHcwXe1ljWxvF15coXGT2c2DpCOUl7eU6JonZ6a5m_07Z52LNlqasgNrBYM0uAqZmOrb8_eZIkm6Xl4glMBRRky94F2zPTlhMrwGEqd8ahR6dsFB-XGBjscE2jkZG6fpXFzuXzN6V-pSnNUFE9-p8s5f5lfOhKOMcuXBRe0L-kXGKsIr9IGl7n_uylZq5HdcVJvGWrsp3XNmgiS4w101jECsAJ8ufB53VnxCw28Z83Q8mvNa3Pcz2uZLq7CLoQOBYXRF4buDHjXw6-gZTmjl_osI3ZU6y1bIo7Dwn3SLpM3k_eDS0KiHr2RSzIQsBBnd-wg4LM8QyZ2gwaz7AZsX08_tu4NRBQht9BK1eJDS5HZ7xv4RLGcO6okfdiLvz4YtMbLBkWQzW-Boz66ddXXU3cMFdzsyGv2KH0Kb4kywWuYKX3lKYA9D7au29p5OwwCUz656J7NaqEuEWQM-d4Hsjk-wN0MguLpxvAsMqKDnlUc15DH8Lhi4e5NYisuYNCyPrrFRxkRYT0Y956L0lYFWNsPpo3-V7ELxHiTUqY7mhhrDH77r0rywjEN4s0c_9pjIEf_usGdME8K-9Q-ABxTu_nQolHUpJa5RW0KKxAELH8GXzV0oeaXVAl9dKkjRL0trzXx6Vtx_fX7bJOrJ9pJzkYYF_AZbrC40xqvBjjwVzP4ZjZAnX_REv0kmhhRn0oKgUvT4VL-12jLCebiaLidWrT0Ap7XkrZo9WnZhQPfwZtdbpfktoDATdZgdMYQpkqcV2nFe4pJ_DJs9iKPOQpTbYoIyLi_8NrsjIf5gyXURChyrsQ2E3hODSG3GV_ZpD8Dwh12Kmte9uOt8JQAAh7VllRuiTbeaQaAfrqMfgNl1Djh9GFS7S0EvAZeKnpQ0cir271AsTP6TndjGp5P44UNPVbhsZTp80iVLNA4fj99NmNUxVfVLBDgrINrKCX1qjBIMrYY-T5jFrNTiaIQ_rwujWd9AFazKliAWzU4P3J6UsaFMU5DGlOuOqA_vTQ10R_76yG0itBR2M8vSXQE1KK__6OK77EPyq7_TDHzbnzqz5G84TxZbdy94SaWxRi1_LKCCNjQk7rTgYrHZyFF0QsDA_i299gXre4z7daRvDCt6wtvld5kAAxS0xlvxw376S5mE9jzJIeOOxz3T60nvpisJLdZs7_1INouJ2m4xS-Ku3QL3b2S3-VaIs30jJVda-ihe3UUZ2ftG5ZqXli-EPcTkR6kzcW_XpwrJj-C5Hh8Y--7j8yYDhDA6vEI7sDmAu28Oa1D3oiZ3FkRiO5pr37Y3GqWJZZp2MwUWmHrPfY0gA2iN2Y-DK9KOPb5U-mAfrVSqIvnrf1-hbuQBl3UjUrE0TkEltw1SDve5q6BoAOKGmpt7mK0kBwf_jHSSXQi48HVIv08C-pAAUhOKJcM5q8iKn93XhrfHAE8WejWmjnRSDXsXwcS2V1lgGdRYh59iY-wcoSQnICTWtViSJGzDF60vGxwysYM_t3kJwlYTMw4a5vJFjz3ez1visEScuNwggyF_uGdEf7zrCDxi5E3SkXNg2xq5gZR7PMKoSSqLVjptG6J-8jqyFyYEWWWcfYrG3pkbe36GuNYHfVCYSYu8jrCfyuFfgdOBSmAHWO_lYOphcJgj3BQZkiL96d-mzIHyLqWnuDlPpAncOJrVE5IpfMk0eiQ9MejmVhALWXiWSaD6qp90STRplnQtpYiH91NmRH4PGNZutkcIFMM8E8ny-xEMLRutNSBTsQcuPr-IpqnIZVcjpFIPzi6lp3vCmgvWGtpdP4ijpLrqV4FUT2fq691shb3Ar59YU70SVfwbeEvRBXJvDvPuQ2-LILpq07Ka7eseOMMqqtT54tt-XHRjKqHRBSBbudgW7VjKqJfSC2RPqQX1ZKzQuRKOFnajYaNIa3boN3EbrFHkmj_zV_LYs9D0auvT-ApVoEpF84o_Q1i4SZulvD69Z-ubvTzCJQL3kuRXshyfgjKlkbPe8gFkZee0iSEp2XIxKey-pMbrIcqH8DY7iDxUn_YT8zKpDskFuEN0TJbppbJ1SDJYQRASp6nnQcR0FxK6CiqLy6nQD9SWd7hkh9vkv7rYUNMnsl1yzkeSA3gABDvQAlpdE17wh0-BIoThROWGivcy5vZ6CT6gIKd8CmkSTMAv_c0iaUMWVcY4vyi92BpAxFPVh3PikMiTzVd4s3DkgmeC9m3jrodg90DC-tZBqsoO1T9zwLXiVg5-r3KKY5-A26hZw9Z0ZJXFeI4EJzmRJ3n8vWeqsthzDfcVEW_Jcn_VQoznyF4SWVtqwlVHSEjUOZ1CXjY6AxHmXKqP7rsdKwl2TXVrIeBUx4gnfR5QRcAQ74NVxsNDSJWPI3Be7yXqZwcH0xrOZyympsbeWswYxmD2BebAzLcF5bfnqCGrTKTWPErvGYlJxILmkfwEkrhe7DfDCq7t-xesMjwpBOdSRsUGV5RuDBF5Oyxxi70oRgNYze1zQwMOUO5-sbopM6j4rh14p5xflH2QqLzcA2OdxqG8P8kSX-xbdpcIguLaU8Mt7DKs5RQ5fqjjFxmXZOeGxW93RxSBB1ikwjQaF9QU7sseUUM-lRE3g4-V7vmD_YptgNs_1WwWl_tr2BdY-rGXGbGdlckjalH0QWShO3fc224OD3OpNOXdkMurjB-sLsflEwXKMSJQWy6q0Aqeq_1zdKxP8JaNeF3vfuhHOINrxh5E2inRdozkWOaHDupiSub5XYZ_8__HcWnMrnoIfkEOkcbehhnbxyITUlhYG9omMiQQiBgJjjY4LerF1x4NOSvTDy-eLFh1iWXQgi1XKsvzE6IIDEcFlNGfUl3rb98gTPnALhPahYcQWVpjESumi1FxevNit7JA2pIA6rg9Px71GU8do5-Lnb26ogL_xo0_DUUUtnOMlAoaT5hC0u8Im-IGvIQ3RA_GB4hfyCxHJmA3_HSEKoGSush_0Ibkze6Y_KKHhOJm6-lFhNzwSPKOJMrcLAW-bpNiNSC2y3Z53RcmfL4tPhr_jJ2P7QADXb3waUdPpHjo4pTGDBXXcosgOvg0bG9-jYyP5CJR3irG7zHAoHSrPVBpzNHuZl1xUKH1I-RapE4kCPpB7JfphGe1ry8zhJMExvQyOgORoZ1oNxJkjsFhCFYle97IEPwFCGChEgT0I_cAPeYh0Sk83q67DmZ7QKxcnHj73eDFaA86PHjbweC1SO3zuU4cHLBEfrZo06QYGCCANkSfmCAs2ELAV0WjBiRa9UwUWjpu4Eo-6OHrDljptnQO8HqDgFnTgNJ5EJ8xI__tJwZF5nDER0U6knoijmgYajXOusVl0iGF1M8ChUxK1Ij-1HGBf5VCFQR3O_p1rZq5Cxo09rCYAtXYdNI-6FMBZ5292OZLpFnFflXGPKKGwJm2KEryEP7vuf0H1oc_9bW9_co9niarT1zPQYc-Mzia-CvLTd12KebLMC0Lx4gyMvJuo2tPGm4ePVSHS2nCobH38aZptzQuX2HbKO7FJ1-2nM9Q58wD1d6A&cid=CAQSPAAvHhf_zvxKp59EB4v7p7ACj8Qt6URM8uC5iWMU5Q65zyum_cbTVbpKrR2DRRqpEa3rELKufX9C1c63ChgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=17870782815235324000&adk=1409856385&idt=216&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:17 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjM3NjMwNTg1OTM3MgogIHNlcnZlcl9pcDogMzg1OTg5NjIKICBwcm9jZXNzX2lkOiAyNzM0ODA4NjMyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame BFC8 0
859 B 88ms
46ms Image
image/png 142.251.42.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjM3NjMwNTg1OTM3MgogIHNlcnZlcl9pcDogMzg1OTg5NjIKICBwcm9jZXNzX2lkOiAyNzM0ODA4NjMyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MTE2MTQyODk5NTMwNzMyMTY5CmRlYnVnX2tleTogNDY2MjcxMzg4MzAyODM1MDQ5NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMTIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzY3MTY4Njg5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3NDAwODYwNzYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTk5OTYzNzU4NTQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0ODk5NzIwNzEKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZyYW1lLmlvIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x8656e6a85ba3245d0000000000000000","13":"0xb064021e4bb4a11b0000000000000000","14":"0x9f5ba7853dd1ce080000000000000000","15":"0xe09e9626b0629adb0000000000000000"},"debug_key":"4662713883028350497","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"8116142899530732169"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame BFC8 60 KB
20 KB 2ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158936&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0gYy0tL6hi5s_WA7xuafSjP&c1=3060631&auorder=1011537657&aulitem=19996375854&aucrtv=489972071&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 10:18:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Wed, 11 Dec 2024 10:18:25 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F40 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 484430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame BFC8 1 KB
929 B 463ms
86ms Script
text/javascript 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_847024165578&jsTagObjCallback=__tagObject_callback_847024165578&num=6&ctx=1828362&cmp=115741&plc=4158936&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=847024165578&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&ppid=103&auevent=ABAjH0gYy0tL6hi5s_WA7xuafSjP&aucrtv=489972071&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375854&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://reurl.cc/gaOWLp&srcurlD=5&ssl=1&refD=6&htmlmsging=1&tstype=128&prr=1&aUrlD=5&m1=13&noc=4&fcifrms=10&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaud5c_h%607227_cd3cbghbbdc3%60h4g%605cc7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BA&dvp_exetime=9.90&aubndl=&audeal=&callbackName=__verify_callback_847024165578
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: d39229f8f30f9d7c40b186b83700a7c300ff6d8e09cee9a05fccde6384813bd8

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 10:18:26 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/11/2023 10:18:26

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F40 39 KB
15 KB 12ms
12ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:09:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F40 0
20 B 147ms
147ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwcjucTN4Zey5NLLys8IPuLyHmAoAAAAAOAHgBAI&bg=!aGulayTNAAY3kmNgF5I7ADQBe5WfOBpKa3jPl_M91Rt-HRi945Kn1V8Sc9OZMKM40rlc6yMfZg9iK0rqmQEYNWQ0Fv_PAgAAAEVSAAAAA2gBB5kDfpcl8WIaZzlX6b2amBPNqPKlminqK1yrtjZUght1k-1_d8GM7mShpDK0rlG9_3-RZPD0IN2bEMAk5np3GYIfeqnaZIUGH_ZIGAsdAk3ay2TNjJo5A6Hs-vci7iDPDqX5VlXpwB6ViarzMyf_VFPg6hDwYeYM_nGVeIMGCbPRAc72Qq_e3P_EisA6musvDbUhGwrg9AbxreQani6nzZLQkygzFc2BRdf8IgAhO6Ks1fWnB6GcleM4YUdnCGAPKcy1wcBzKgKflDqXnI-n6r9It8fq0Mg9CmHFA7LmgYglbOC-1h6Fa5owkGkD3sujmnBRb62NFVTzk1ZC44xSblZuPUsrBjbpvFSxznEile6FIZgBSm5AWDu6KYVewSfMpDYH40j8QUTgMY7mf-n5emgze2Wc0VEHiW3lLP6oWWtSqrD6ZduQ9Sb_JZjMQkT_zsRf5KLGtOYp4Khhr4hUePPRTOKLNzGIT_ul5XRqgUYQ1bT9F2_wqis5a4PcgwmmfN-JmF8jfoEZ5O3OjS-bSNfGwkS_LHlSD_NrINQWAEoQ2QTw426HC-lsTtgQ1B8Q1JnCiqfyVNoqh74kF6xwZIvPEU1TllexceBYv_RUJVerm3_9jBMIrVuxqUx1jSltDP1jzpcM1OgrB5kW-YEWN6NZ_THYjTvHKbj60SLZVAQePvObaM9zMT0EM7ZpR9RJ-qDKEC0qNofebSVqHhF3cICNnyyVhdG_tsrnV6dW0tKweBMxmXV_xOlXONvVa8tkK5IYTpxvg1sNqfUrocVPa4veaYoSD3-aYp5eb_JIwgJBUvck6AMIw9evF0pRuH-cHP8uxWk5mzbUEQQUQnCDEcUTUT5DZSeJ4DmiXFICivP09ZVVDrRUFhKEM0QBudx1dlzP439Jjh2dqD3loa3xJYcYfc_nQWFgLJ0ycde6mnwaP74H_H18oeALPPduTmimmyr6MYNR0crLuFxzm4V_AzwacIK8ULzEUUXTW7W2RPd_gCwm2bWfLpCiB91YeOi5erSBJoA53lD6Ir29wmiUs6cIrAwE24Eer1hOwWpF44yUxG23c0BMsNdS9KOjuiJ3ghJEfuG6sp2xZZL7ZR3-8V0_5uQnMKbDzrgamFyDvP9AqiEO8P7QoBQpANJ07XUwxBBYiFH6ZVO7xdVmHlQQtjSlSuht-OYy8ZcSw5RPYk23Vw

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame BFC8 18 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 10:27:53 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame BFC8 59 KB
23 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 11:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 11:56:26 GMT

GET
H2 200 B9689862.280410797;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3481089748;ord=r8b0ot;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame BFC8 67 KB
30 KB 83ms
82ms Script
text/javascript 142.251.42.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3481089748;ord=r8b0ot;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=YzRRAw6Dl3;stc=1;chaa=1;sttr=13;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f6.1e100.net

Software

cafe /

Resource Hash

1166784630ae8bef675556090064aab4ac668ddb3df39feadc899b406c5d41e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame BFC8 11 KB
4 KB 13ms
12ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3481089748;ord=r8b0ot;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=YzRRAw6Dl3;stc=1;chaa=1;sttr=13;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 10:18:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BFC8 0
0 42ms
41ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOIWQLQVHMaJMbva7vmriXk-2LKezT_SbJqXI8k4IGwZrBKB8CuARfGsXmdXw1gbJQkZ29baH7vsgNZGt1Cp3cp5bN6nDe-VElKbNdwS6fA6-yt7JYng9ml4v5xIT2ATaEroed1mx2tuduaMsEJblbqFkHYZ1D&sai=AMfl-YRw5FdaNKwB67xH_kIvT9nccH_eYEdBSGK9kPr6zlehCYXgZE11QZphF5pT3FETZDMuCTfQM1EE2JbeMoUslKwC1ESr8-P01XKWCw&sig=Cg0ArKJSzJu7hw0pvCMoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.82447&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12224131752392196093
s0.2mdn.net/simgad/ Frame BFC8 144 KB
144 KB 4ms
4ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:56:08 GMT
x-content-type-options: nosniff
age: 411738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 15:56:08 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BC43 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 484431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements5125.js Show response
cdn.doubleverify.com/ Frame 8298 423 KB
101 KB 4ms
3ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5125.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5ba664c72916c1601b2e25cd99ba0a13f3479b34e5666f7f25967c187a7c8c27

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 10:18:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2023 13:12:54 GMT
Server: UploadServer
ETag: "c36c56865206a984c9f4d7c3d11b79d0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102522
Expires: Wed, 11 Dec 2024 10:18:26 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BFC8 0
0 45ms
44ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOIWQLQVHMaJMbva7vmriXk-2LKezT_SbJqXI8k4IGwZrBKB8CuARfGsXmdXw1gbJQkZ29baH7vsgNZGt1Cp3cp5bN6nDe-VElKbNdwS6fA6-yt7JYng9ml4v5xIT2ATaEroed1mx2tuduaMsEJblbqFkHYZ1D&sai=AMfl-YRw5FdaNKwB67xH_kIvT9nccH_eYEdBSGK9kPr6zlehCYXgZE11QZphF5pT3FETZDMuCTfQM1EE2JbeMoUslKwC1ESr8-P01XKWCw&sig=Cg0ArKJSzJu7hw0pvCMoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=73&vt=11&dtpt=71&dett=2&cstd=0&cisv=r20231207.82447&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8894 1 KB
643 B 10ms
9ms Document
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

age: 70687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 14:40:19 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 14:40:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BFC8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 597e1c2f51c0d64bd7ab56cec9dea9dd33d54b3e6afd6ce354aed2d32cd5b451

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BC43 39 KB
15 KB 10ms
9ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:09:57 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8298 1 KB
886 B 443ms
89ms Script
text/javascript 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=64&ttfrms=19&brid=3&brver=120.0.6099.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaud5c_h%607227_cd3cbghbbdc3%60h4g%605cc7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BA&srcurlD=5&aUrlD=5&ssl=https:&uid=1702376306677320&jsCallback=dvCallback_1702376306677398&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5125&tgjsver=5125&lvvn=28&m1=13&refD=6&referrer=https%3A%2F%2F5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&fcifrms=10&brh=3&dvp_epl=395&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0gYy0tL6hi5s_WA7xuafSjP&aucrtv=489972071&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375854&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=891326786932.9539&ee_dp_sukv=891326786932.9539&dvp_tukv=1369620807545.636&ee_dp_tukv=1369620807545.636&dvp_tuid=304117075590&jurtd=3394558665
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3ca6b467640ef1a3b85c823360c85d57dd12a17d267cb2cbdae2650c64c791ef

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 10:18:27 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/11/2023 10:18:27

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8894
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_cver=1&google_push=AXcoOmQFZ75xb9H079NEWZBmNgQ0fc0iTxMvL8eOG_QFDON82wOix4a...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=488b6115efc2215&is_secure=true&networkId=14000&version=1&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_cver=1&google_push=AXcoOmQFZ75xb...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TPoe6v7gMLcaftAAAAAAA&expiration=1702462707&google_cver=1&is_secure=true&google_gid=CAESEDU0diVN8nWQCzl2nf9LG...

170 B
188 B

41ms
41ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TPoe6v7gMLcaftAAAAAAA&expiration=1702462707&google_cver=1&is_secure=true&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_push=AXcoOmQFZ75xb9H079NEWZBmNgQ0fc0iTxMvL8eOG_QFDON82wOix4aPetYMQazsUJ5lROXxgTd0d_jCp822QPGibz3ceSMYwi6TT1WXZR1bTsd-WtXnwuflzGGDkm7u9wtrgOG-EDWn-1PzcqpQV-Dh-PA

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:27 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TPoe6v7gMLcaftAAAAAAA&expiration=1702462707&google_cver=1&is_secure=true&google_gid=CAESEDU0diVN8nWQCzl2nf9LGKM&google_push=AXcoOmQFZ75xb9H079NEWZBmNgQ0fc0iTxMvL8eOG_QFDON82wOix4aPetYMQazsUJ5lROXxgTd0d_jCp822QPGibz3ceSMYwi6TT1WXZR1bTsd-WtXnwuflzGGDkm7u9wtrgOG-EDWn-1PzcqpQV-Dh-PA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8894
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEfjrieVxWVeaQZ8bKoSECg&google_cver=1&google_push=AXcoOmRGZ_xiVgzIpuj8hiLurUbjWoWZIc3CW4O7DJhX0hxZ1UFhA9Vc52HqIQRPK5FsnIOITb9RB9YSkEaaIhwxZEcD7Gb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZ_xiVgzIpuj8hiLurUbjWoWZIc3CW4O7DJhX0hxZ1UFhA9Vc52HqIQRPK5FsnIOITb9RB9YSkEaaIhwxZEcD7GbTOIAyrKEhWAUNgc2cvvLg1YH-eIjrkFM2HnwYB...

170 B
188 B

42ms
42ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZ_xiVgzIpuj8hiLurUbjWoWZIc3CW4O7DJhX0hxZ1UFhA9Vc52HqIQRPK5FsnIOITb9RB9YSkEaaIhwxZEcD7GbTOIAyrKEhWAUNgc2cvvLg1YH-eIjrkFM2HnwYBJNIpyfKOIraHJdFubEsrA&google_hm=eS13WDUxZUdKRTJwR1JCa1luV0xYa1RqYkljSjJuNG8weH5B

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 10:18:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZ_xiVgzIpuj8hiLurUbjWoWZIc3CW4O7DJhX0hxZ1UFhA9Vc52HqIQRPK5FsnIOITb9RB9YSkEaaIhwxZEcD7GbTOIAyrKEhWAUNgc2cvvLg1YH-eIjrkFM2HnwYBJNIpyfKOIraHJdFubEsrA&google_hm=eS13WDUxZUdKRTJwR1JCa1luV0xYa1RqYkljSjJuNG8weH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8894
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN0SwdrjAYLgodpxB7rsOTk&google_cver=1&google_push=AXcoOmSWy4HJAjv-oS51chKTqUBxt-gDqKrS1VikOo16sCQx0_KG9z4plkY44CUiAN5Nc1Yqp8Q...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNldESEQtMjctR0oxQQ==&google_push=AXcoOmSWy4HJAjv-oS51chKTqUBxt-gDqKrS1VikOo16sCQx0_KG9z4plkY44CUiAN5Nc1Yqp8QHSiFDpCYD39tBDRIWFDVY_ZPys...

170 B
188 B

43ms
43ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNldESEQtMjctR0oxQQ==&google_push=AXcoOmSWy4HJAjv-oS51chKTqUBxt-gDqKrS1VikOo16sCQx0_KG9z4plkY44CUiAN5Nc1Yqp8QHSiFDpCYD39tBDRIWFDVY_ZPys04Fb5aNDvnkl3ITOHqlWwRICv_oMNt6zikNj9VhezpYWnrGWilJdw

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNldESEQtMjctR0oxQQ==&google_push=AXcoOmSWy4HJAjv-oS51chKTqUBxt-gDqKrS1VikOo16sCQx0_KG9z4plkY44CUiAN5Nc1Yqp8QHSiFDpCYD39tBDRIWFDVY_ZPys04Fb5aNDvnkl3ITOHqlWwRICv_oMNt6zikNj9VhezpYWnrGWilJdw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 948563be522c07ceb297f9b507489bca
Expires: 0

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 8894 42 B
233 B 723ms
240ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEGNUjUTYLQbQ1ZZ8aaYyP6w&google_cver=1&google_push=AXcoOmSuirRhE8LmAoPEMjq6oFFr4h-uZuvvkndq6a2iYtFBA0Mun3zKWNBJDGJgztO25qvB7zd7FOqUI-Lfc7S9Bj2y49U7WUkp_AK2ktOAb0qaoqtL_DieHsIidjOGOBntmJdYmgM6YN-Oat-b-wAwVPY
Requested by: Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 10:18:27 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8894
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESELshdkx25YtPwV9qQ15GZ2I&google_cver=1&google_push=AXcoOmQQHxHRutHofM1MLOQC50ukSv4xpfOH92dmvP7eldJQ1nr6CQ2rev7t7kzArAZz38fDa1ETfcfOeFAIR5-og7UN6bI0E...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQQHxHRutHofM1MLOQC50ukSv4...

170 B
188 B

45ms
45ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQQHxHRutHofM1MLOQC50ukSv4xpfOH92dmvP7eldJQ1nr6CQ2rev7t7kzArAZz38fDa1ETfcfOeFAIR5-og7UN6bI0EeimFuWCN6wA3lYOgdYV4NmAh65urLS-wA7pgsfedGTyYFHwy5j7ZbPBtKI&gdpr=&gdpr_consent=

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 10:18:26 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&mn_hm=MzQ1Mzc3OTA2MDAzMzI1NjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQQHxHRutHofM1MLOQC50ukSv4xpfOH92dmvP7eldJQ1nr6CQ2rev7t7kzArAZz38fDa1ETfcfOeFAIR5-og7UN6bI0EeimFuWCN6wA3lYOgdYV4NmAh65urLS-wA7pgsfedGTyYFHwy5j7ZbPBtKI&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Tue, 12 Dec 2023 10:18:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8894
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECgi4-b9qrfCqa3417k-ceI&google_cver=1&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFh...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFhwNrS_iNcnQf8Pwt6VjejB_oojzixjQHaIgBbB98oUwN3O...

170 B
188 B

44ms
43ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFhwNrS_iNcnQf8Pwt6VjejB_oojzixjQHaIgBbB98oUwN3OSVJeeKWMCzgZENV6VDPoM5-CDtknm1qWg&google_hm=WlhnemNzQ284WFlBQUxncHpVb0FBQUFB

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 12 Dec 2023 10:18:26 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESECgi4-b9qrfCqa3417k-ceI&google_cver=1&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFhwNrS_iNcnQf8Pwt6VjejB_oojzixjQHaIgBbB98oUwN3OSVJeeKWMCzgZENV6VDPoM5-CDtknm1qWg","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.172","key":"ZXgzcsCo8XYAALgpzUoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40175"}
X-SO-Key: ZXgzcsCo8XYAALgpzUoAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40175
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSoeNN2oxgGmByaWfpCNlz5K3SuLwq2JPJFkoeGx3OrzfpDNxeKr7X2SFc7CZqS83O2K9EFhwNrS_iNcnQf8Pwt6VjejB_oojzixjQHaIgBbB98oUwN3OSVJeeKWMCzgZENV6VDPoM5-CDtknm1qWg&google_hm=WlhnemNzQ284WFlBQUxncHpVb0FBQUFB
Cache-Control: private
X-SO-HostName: a-ad40175.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: m-tgng18.dc4p.scaleout.jp
X-SO-IP: 31.204.145.172

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 8894 35 B
622 B 37ms
13ms Image
image/gif 182.22.31.252
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOCnngEijpO63Zgy5crsa6c&google_cver=1&google_push=AXcoOmRTYfn7NY3EBoY_K65gUGa61hJW-vSzoHVT-gLWG4-CIvV-PGtxSY4LDwXY508s55CZrU2OKh7fJFhHT8ylGLKbv9ZOgezZ-XpFcXIUutBnkSBSMERlRmAAUZ9lJVfCWz0hk7vSp5VdYT1Zx58o9zAJ

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:26 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8894 0
12 B 36ms
35ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJD1YhTyPwbiwVe0JUu55NtYHJHZyj1UlL6u0RNjype5ReodXBewC9T0hI4qj1VeBXMcnrrg

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC43 0
20 B 46ms
45ms Image
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFl8FcjN4ZfXnGueT29gP-_aVkA8AAAAAOAHgBAI&bg=!enmleTbNAAY3kmNgF5I7ADQBe5WfOPPL2Kfz2snXVvE3_MTe-24x5AgcQRPKdU-sKcBffsN9yBqOd_pnwYrRMetgjLrHAgAAAF5SAAAABGgBB5kDqyKsWWIiBwLydxwoBGXRTz6C9CgXWIXzdwT8RFrwlusJvbXG-H4V_pU-JRJAee3Wy6IOUhUue20LhVDoVbrXYwjN6fT0T7WsJ_95KlXNHGH2X1kqItRLK7h0F8vvdLemYTJcWAUCkv-y7laP1K7PRxWjGmnR55hD7J934BNRYkyoR1rXLoXgyor_yu3UZySKCsc9bV8bF7RDb2zJuSXAi2kFoNFTX5mPXhxVRvs68VNUelZZOeuhqKHJfxnt63WrdJXtJ2rPep1gLPT9LEnXFi2KWwqZ5kSCTtIGz7KARS_on84MlZDA809q9oSKXXh7mvAUy_40Kfpe0PiuKFXn4d5AHcjZrIXltdXmmHhNwJyKGMFp-jU2_T-A6ebCj3aQI6AUiLN2hWLNyGJP4RcUy4ZSUdBqtHkPEQ-sO7_PaD3NVc2SUwHwhQhB4kc6w5FwR4oXeXZ37EAa70aFU0Wan65fVxkLia0xiTNjWPKsQ_4V0xvlBGjMWhk7MKFvRunOUgRrRgZtAdedAg3U-F7MAebLbscOOzCAFZrDDtpgpocZ0TzXpj9NcsxXJ9scVtLWSy77lzlhrI-mJar2MGpMpCNxh_6V1Nha3QvAwpOvmTaISNyosei9hcroQLWgtbkXsujEY9P-dhG58JQpwe8TVsdcDUCM0mS11_mfTXKUVCnpm1u1Dfqub9dkckqq53Z5Vpwz7JeHpaGKDzd3jgNaXrWKFBQQOHsPH_VzWOV22ENrz9bwoo3zRu0h1mM47YF4cwA-UZtRZfH7RcRSeyTdY-X42SGl6dTrlVLT-JmZK2bzE6Ykm6UbWzi-09GW5SWiWwGoZp4F-gkflOALp-HeBUpDm8ZibG2_rAoNQa3qCYSEiT3vqE8caqNRKibfAPJcSgpX-UTaUGogrUr7_INRLxb1DzxhXQSRoCKxpmEIkL8HAmpICvj_mkHqFkAw2Ky83py8giA9tjYqqntaf4adYjZmi6R-oeVp3CGP0S-HmgEKbK9h-2iUVQjvMpf5i8iggxGKjE7sF5TB1LfLuXiErnPPRQ2BRA9zpp-MAKmxTpa3hZCkcO9F1RFFqefR6H6bnJreKxgL__Ooah9BGdIJYQOJuK9oW31NhnjDmJBxUBX6KRimuCXuTiQSzg9HyD0iaWwo6T0NQBm9Psqtr1BIsVZfZxQqRfAvFYIjsLs1aEyTibevdXMvt8wlksv2inrbuyIqKG50K3sYU-IokHlIUBwCEKd7DP2DpzKuYg

Requested by

Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content event.jpg
tps-dn-ae1.doubleverify.com/ Frame 8298 0
116 B 294ms
70ms Image
text/plain 35.213.187.112
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ae1.doubleverify.com/event.jpg?impid=1b385649bbf7489c87d1858f712b7e77&consid=&api=1&rc=true
Requested by: Host: 5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
URL: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.213.187.112 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 112.187.213.35.bc.googleusercontent.com
Software: openresty/1.21.4.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 12 Dec 2023 10:18:27 GMT
Server: openresty/1.21.4.3

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 42ms
42ms Ping
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702376301696&gcd=11l1l1l1l1&dma=0&cid=197797429.1702376302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702376301&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=5890
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFC8 42 B
64 B 52ms
51ms Fetch
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZ0AE56P5tAXRgTXrb38H8gvcbmW8nOghosQ03gOTrSuvdF82cMibg7-1HcAc0I_FyjiJWBAb87EsSgCYFU0Xre5h_nmrFqKWlfyJSjTtCtWE8YeyjQlTu9gFz&sig=Cg0ArKJSzBeEs5u6qj-1EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3481089748&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376305560&rpt=1060&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFC8 42 B
64 B 53ms
53ms Fetch
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfX87mMtpbdxesI23x9opwy0swyL_m3k4oyArsfVVVvPQFP96KFdSY2PalzpUE8EpErpwfiOtbtdv4Iaag9hWfx7nv5EgsNHiUu1Ca6We92N_Cy0soxH8YmDSlMYscjop-Ps_jFFoLpUa5MT9dm7fz7rMR&sai=AMfl-YSpmgPoyB49a6fwX405N2mqGk-AhOYhu6W34vbL3UWqCHBSlEUQIn8b8il9jDa8Z7vibczNG30G1prfVDKXHb7CFXmGCcPWMrs6bGDKJlaNcqhCmqDGkfW_1nGj&sig=Cg0ArKJSzGe1yRtQJP2AEAE&cid=CAQSPAAvHhf_zvxKp59EB4v7p7ACj8Qt6URM8uC5iWMU5Q65zyum_cbTVbpKrR2DRRqpEa3rELKufX9C1c63ChgB&id=lidar2&mcvt=1004&p=108,1030,362,1330&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2033195636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376305560&rpt=1056&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFC8 0
20 B 41ms
41ms Ping
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9538349366357&version=m202309260101&ct=77&x=1&cor=17870782815235324000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D26B 0
0 42ms
42ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy9zncmXAQtSD7Xegi0_exO8xbIqHJXobgrNvDagekRh1-PBUkQGPliMNs0N334XWTnvEuzU763Mt2TYjl0Q5FAvlKB5uIxYGakhClg000j3zTRDV0YF7xY_tfoaPXTBk9atZjpYP_pxIepAgygZKH5PBDo2Tl9UqSLbnLt4_0SC5r8gdmxDqt-Bq-oFz5uqupQrid_E1iLfZWjN1cRp2AtBLFUqe-GwmpThtrR5UX6LQP6xmt8S6s1ZcqMnYNhzzdH8X2QeCVge_33VA9tWq_N5yCBocRa1k2KHEdfsesLkPePl20SG-MaOErm_81ykJKI4qjawphHkvtEwhdNzJtAMTd-2BRWoe18xfvEWt5fMWJyPM8HY7V8EsvxULVQIwElrGMMv31WfO4yQ&sai=AMfl-YQiF7vJY6-WOs4odaG24TCbrWQ-egqyBFwN6EMEbL6G3SjIBvnNSH_Ab2WAaaWMyotGFQIhjSCw_TQ4M2XmbpBSyCgqdaEc5_LDLrXHrpnn3gV_Gaze_e0rjHi8SplJ6-Gsvk4kYFo6U5OQVRzM_wPq&sig=Cg0ArKJSzMm6HB8KMRlZEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 10:18:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F5B1 0
0 42ms
42ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEmdmaTN14nAQEA9BQtysRfRsrFR6CxVetIeFbDwkO_5PTQCuyihht6zXoqwMjUjtr8VzRV0sgBH61t0IGODR9xmPGt9H4clUZKbf0nbJtLjty6m6jpRRPsVHrv440RZGJhPnu21FTwJXWwa8W3CD3kugxF75GbFVmtgNbHZ9tBheQN3NO5AoE2XixtUTa4Av4BVn1WE-2mAE48ZY_5zFaO9yV6wcCiN8rv1667YEw9SIs4pOeUH5Nwcz8sBPaEOsT6rfu7enFsuVHk4Nj8ZX1wWu0kgJEjcFIuYAlU4BJe8Nr3oOzFE8_GR7v95BkGRh_g-wRt2uPI_J9kOD0c1GU6lqu7YcDPApk1UjbwaSpsjg85H-rKKlwzwBSWfpFwTm4eAZ3mYGRVJ0ZkQ&sai=AMfl-YStgScgFcKd8QpF00vl7MqvEguYy1lPZWAwfqDdcwJdgXOVALNjfWYBzB59il0UUa6zvmBTAJcPhnzTuEE12JYhU4zztT3lxk4Bbo5C38Le2eM78Fvqu5LWEBJiKgENNmtI3CTfHc4is9rY-0bP_WAY&sig=Cg0ArKJSzBySSC8l4JY1EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 10:18:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439e5baf8106762d80a23f06355b6fee83c3f9b03d61fdf39daed28effe0743e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12281
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 29D2 15 KB
6 KB 167ms
167ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 873273
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A106 15 KB
6 KB 189ms
188ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 960179
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 13F8 15 KB
6 KB 207ms
206ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1015350
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 94ms
94ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 10:18:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2F6 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 37799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 23:48:30 GMT
expires: Tue, 10 Dec 2024 23:48:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 327B 829 B
561 B 42ms
41ms Document
text/html 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bac33d253c0404566e1b4cc08e6a81ea5d222ac3d5ecc3d4049f24e530837121

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CjqtmXO8upRZ9PvXXk2Shw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CjqtmXO8upRZ9PvXXk2Shw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 10:18:29 GMT
expires: Tue, 12 Dec 2023 10:18:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A2F6 39 KB
15 KB 10ms
10ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:09:57 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 29D2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aG...
https://mug.criteo.com/sid?cpp=W3sgNnx6dmYvOXhyVm14UGJVekxUU1pmaG5yYVR1YUVOdUZ5QlBwWm1ydjgwTTZkZ0J5WUhxN1FSU0QzbmErQW0xTUJCOEhKTTN3SldBRnZBNHdXZ216dVZ6bW9rMEhuZVJXVnFYSkNHendhT0pHa0NoU1Qzb0I2TFAyOT...

428 B
653 B

76ms
75ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=W3sgNnx6dmYvOXhyVm14UGJVekxUU1pmaG5yYVR1YUVOdUZ5QlBwWm1ydjgwTTZkZ0J5WUhxN1FSU0QzbmErQW0xTUJCOEhKTTN3SldBRnZBNHdXZ216dVZ6bW9rMEhuZVJXVnFYSkNHendhT0pHa0NoU1Qzb0I2TFAyOTZmM3ZzbWc4WnpKT0YxaGR0aGplcFJ5aFdVU0N5QUJRNFdoYW1LL1BncVlmdStpWGJiQmR4SGFUUktGODFvT3JsRWtrTFhkR3hSeHJyRzE3dlhTNTVrdkJMcjZUNkNCcXZtMUhZYlpTb0V1NVV0K2lFbWtRT2U5aGxRSWpjTlBURlFnekMzM0NSOXZkRkl2TDVYL01SenR2NWNVWXUwcFNvaUlYMTBvMUdYUDNkUEsvRG9GWT18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5a3dbe394548d605a1f8b1d563e02dd41f11cc5e153a5cfa9bd6620556a3d110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 714463
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=W3sgNnx6dmYvOXhyVm14UGJVekxUU1pmaG5yYVR1YUVOdUZ5QlBwWm1ydjgwTTZkZ0J5WUhxN1FSU0QzbmErQW0xTUJCOEhKTTN3SldBRnZBNHdXZ216dVZ6bW9rMEhuZVJXVnFYSkNHendhT0pHa0NoU1Qzb0I2TFAyOTZmM3ZzbWc4WnpKT0YxaGR0aGplcFJ5aFdVU0N5QUJRNFdoYW1LL1BncVlmdStpWGJiQmR4SGFUUktGODFvT3JsRWtrTFhkR3hSeHJyRzE3dlhTNTVrdkJMcjZUNkNCcXZtMUhZYlpTb0V1NVV0K2lFbWtRT2U5aGxRSWpjTlBURlFnekMzM0NSOXZkRkl2TDVYL01SenR2NWNVWXUwcFNvaUlYMTBvMUdYUDNkUEsvRG9GWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 342252
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A106
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aG...
https://mug.criteo.com/sid?cpp=_Q0XAXxtWUQ3OGVka3Z5cFRVOXhqNXNsSzJYaGFpem5hZGFYVDcxd3E1YVp4bFNKNGRpWHl0MG5kRHRwZU0wWmsxK2ZENlRlSnRHcjFmZHdoZHZhTXZxWDRmVlZ4THl4R0tqRDdvdklCb1RERksrU1ZEamJRZHRud2lHek...

428 B
669 B

76ms
75ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_Q0XAXxtWUQ3OGVka3Z5cFRVOXhqNXNsSzJYaGFpem5hZGFYVDcxd3E1YVp4bFNKNGRpWHl0MG5kRHRwZU0wWmsxK2ZENlRlSnRHcjFmZHdoZHZhTXZxWDRmVlZ4THl4R0tqRDdvdklCb1RERksrU1ZEamJRZHRud2lHekZjQy94MjlySkJGL1BtZTRSZjMzeW9RcDI5dE9pQ0NKcUdFZHpOTzRQWEgvUGk2VVhxUGt2S28wQVlsNU1KaGk2Y2cyb2pnRGM5QTFoTWFGc2ltQkdqMEMvcm0vU0RXT0V0RG1EYkk2dWE1VXFMdVBGcWZkclNhTG9JWG9GM3BocnFnTWJ2MTlnWG45Q0JnQ04rbUQ1aWd2Z3dOTG9UZXV4K2FIU1grQTF0U1dNWGtJaWVIST18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

08f0d97c27c36561af71b7619d23053ac3335a467f9df4e36a8556841457b832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 781868
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_Q0XAXxtWUQ3OGVka3Z5cFRVOXhqNXNsSzJYaGFpem5hZGFYVDcxd3E1YVp4bFNKNGRpWHl0MG5kRHRwZU0wWmsxK2ZENlRlSnRHcjFmZHdoZHZhTXZxWDRmVlZ4THl4R0tqRDdvdklCb1RERksrU1ZEamJRZHRud2lHekZjQy94MjlySkJGL1BtZTRSZjMzeW9RcDI5dE9pQ0NKcUdFZHpOTzRQWEgvUGk2VVhxUGt2S28wQVlsNU1KaGk2Y2cyb2pnRGM5QTFoTWFGc2ltQkdqMEMvcm0vU0RXT0V0RG1EYkk2dWE1VXFMdVBGcWZkclNhTG9JWG9GM3BocnFnTWJ2MTlnWG45Q0JnQ04rbUQ1aWd2Z3dOTG9UZXV4K2FIU1grQTF0U1dNWGtJaWVIST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 415220
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 13F8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=A1hFI18lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3YyUFhKRlZTUEprUFM4Q3hHOCUyQnBKOTZvdVN2NEZ1aG...
https://mug.criteo.com/sid?cpp=ptEkFXxPb3U0RkpnVHF4VzlCNDRIVUs3dkF3WnQ5bkcyMllpclUveDAwU2Npa1duZURGMVhyTjdDZmtRNGZMSGFTQ2FoWWhzSFAwWjhTckcrN1phaDRVWmE4Tlo3aEkxVUJDb0JBMndFUEdNQjNjaWlZelowUy9SenVqUF...

433 B
654 B

76ms
75ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ptEkFXxPb3U0RkpnVHF4VzlCNDRIVUs3dkF3WnQ5bkcyMllpclUveDAwU2Npa1duZURGMVhyTjdDZmtRNGZMSGFTQ2FoWWhzSFAwWjhTckcrN1phaDRVWmE4Tlo3aEkxVUJDb0JBMndFUEdNQjNjaWlZelowUy9SenVqUFhUOHpZUldVYmZrbWlodGZqQ0FtUTA3WFV0Rnl0elBHMGdYT2hyYklWb2RRblFaZ0pjb3JsOU5IMWFCOFZGcnM4RnZnWXdyQXVTK2wwSzAxb1lObjVjQktUdmJkeGZodyt4NUo1MlRIWTlEREZnLzJlK1FGYUYxM21jc3FLVjVieWFhaFZPY2xVRWNPQUZMdEFnaC9tdnQ3ZG5OdVpmWGNreHhhL0Fta2JVTndFdTVyS25pVT18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

cd58f9d5c4f615c9a0f71904bbb53af0c3c4d068560c17f83a9f5b95c73b9236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 880933
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ptEkFXxPb3U0RkpnVHF4VzlCNDRIVUs3dkF3WnQ5bkcyMllpclUveDAwU2Npa1duZURGMVhyTjdDZmtRNGZMSGFTQ2FoWWhzSFAwWjhTckcrN1phaDRVWmE4Tlo3aEkxVUJDb0JBMndFUEdNQjNjaWlZelowUy9SenVqUFhUOHpZUldVYmZrbWlodGZqQ0FtUTA3WFV0Rnl0elBHMGdYT2hyYklWb2RRblFaZ0pjb3JsOU5IMWFCOFZGcnM4RnZnWXdyQXVTK2wwSzAxb1lObjVjQktUdmJkeGZodyt4NUo1MlRIWTlEREZnLzJlK1FGYUYxM21jc3FLVjVieWFhaFZPY2xVRWNPQUZMdEFnaC9tdnQ3ZG5OdVpmWGNreHhhL0Fta2JVTndFdTVyS25pVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 273542
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 327B 0
0 51ms
51ms Image
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=1170363582578810&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2F6 0
10 B 2ms
1ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bg2TWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:18:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=1170363582578810&bg=!ra6lruHNAAY3kmNgF5I7ADQBe5WfOCAMXXA0mS1tEbyDVDAqmJW5OVVIPSQoLc0UuJk0iul6gVugm8yfe3P-qQ1mrUPFAgAAAFxSAAAABGgBBwoAaDIlTlOhhT9SsPPZuNWHOfe71IIWgy8YAkF9M7oqJX3zOcocFCOF5OFztFvV96zBDOB0YZlpsmzn8Ae_e48itx3mDogF2HuhDy7lOUnxDWVcduIjyc93vfFG8JI8cAC6aPSVpyhAP1QNmQLhxRvDKN83s4gKLyYlum2D6l3NmsJklKO4-7Ov4FUKACyrKP8vjev588XL1KzwBnGMZzNLc-5wTui_0KC8Uo-AsKrI2pRb9vQGkk94ZOeBPGvBlPeyFcC3_ILiGD_8bVEfJFNSbkQnv25zzT32ncRGs6w7evxPmPlfzPYAhgWhncQTjJ_qFRBCMk0jxfdjzasKpeCjPO89Qrpyr0pH7tKbbBJvwpBV5g7O_zEnTPZLaVE1gVDvhXiukGvH5vhqfzw71iD65qR5cWcQuyO_IWfsgtR59IOYfxgHXrtcmcCh70MNQ3ScFN4ViV1m8jWEaeRMVwyWpk7lY2jWqQI14r49OaCJjClYObM-G8JeZsBBHQ9T-q4NUf-p1GnIQlRY7tAN54HEhmaYhZ3B2mkVjLoRAF3zQbl_FdCamarSdZFE1JcQ275Ojmkxc3ALBaeD6wCFEMF8_X1_THSlliMRRKNbF24BFwmBMi8hEU6QnVVIOyMdso8hdBMQOPFv8v6PGwQyfRRfLSSKCw92EBfuPoKcPGyd0N1D6CQFttwfCu1LD_xRFDs_IoB3zYpVSxDB2C8DeSyfiA-Pxtqo4VxPQhhzoe_znWYG5f_sze_IcHuEREOluwIPJGLqKAwToPAh6_c6JIjxWDuiRnKy8xgSSi7hNrzeFN6AnTkT41oS9ZM4ESO3gF4Fr56l3-zGzVm0wTELjKnUfwyVZmqESditB2lhd4QG3dayslNGC0kxRhT-ihVO-ezgDYp-hL3mTsWh15hF-ldNFfaKX7sfrBrucSNAgC2gQDO0d16b0zFDB7dXEUW39HmkNoX6D0shp858DCxp4V94Qk_CVWq7nwlaAqhx2ky7fWMv-dWVFa-Moklqx6Lc73yqf6MNxy412dEHZDYZRGT_IqF6KEvFBTO7Lg0OTXM9O25eE3NK6wnRuiNrisS3ZJQ7f0M9HMM41giVDAE3sTHbXOcSOD2V4g6zmeZQ8NQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D26B 42 B
64 B 48ms
48ms Fetch
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNLGM3n6swObmsPLfs19JuQxAggrVliA0E9pF5pD47r2VX0ujFygzZ0PEfOX061j6KF7UP8DCfq5W8nMRe8FAploUgBzYqGKqC4BskABMKqlhQK4XBQD2Ve_AZxkA_Owyf6PSvLmMbfmNlAStbk9JK-nMe&sig=Cg0ArKJSzFe09wv6OE5WEAE&id=lidar2&mcvt=1000&p=108,1030,362,1330&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231207&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376302345&rpt=6623&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5B1 42 B
64 B 48ms
48ms Fetch
image/gif 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVO372bcN50H_JwzGg5brBi20NjdI2LAT5ySn0Mftnz4PWDfrFC8_jqqoTveTTJhfbVXM6i7GTFw3UWU5BIo4iwjqnB16_cMymbTEYZLzz9z5xEUT-w1k5u-tSbrpCArnjB9mZPIbZZOSgdNSoJvGtE8po&sig=Cg0ArKJSzDWQwAxYZqJXEAE&id=lidar2&mcvt=1001&p=108,650,362,950&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231207&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702376302363&rpt=6609&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 10:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame 8298 0
345 B 82ms
75ms Ping
text/plain 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=1b385649bbf7489c87d1858f712b7e77&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=444&eoid=17&te_exec=0&msrjs=5125&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=6&vltms=444&sei=289&vetms=5&tuviims=83&tuviems=532&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2569&ismms=36&isumms=35&nvr=6&isgmmims=36&isgmv4mims=36&elmtp=6&isbxdms=2543&b0=100&b11=2523&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2623&sftb=2623&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1035&isuiabvms=1035&isgmpims=142&isgmv4dpims=1035&ispmxpms=1035&engalms=34&dvp_dpr=1&vstsz=892&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3465
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 12 Dec 2023 10:18:30 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-11T10:18:30

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scontent-iad3-1.xx.fbcdn.net
URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=KF7ckY7Fk7IAX9G45JG&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAvaAaUMWZEH5--7Itp0u3sNhQ6R7XqeOdHatmfdpOJag&oe=657D7A05

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,ja_JP/2Yd4YbKG5Pn.css?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/uAMMUd1P0Xp.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19703.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7311650538345908170&__req=4&__rev=1010356289&__s=%3A%3A49po41&__sp=1&__user=0&dpr=1&jazoest=21829&lsd=tEVFEALW274YtLBlwEvte8

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 19:02:32	Name: _fbp Value: fb.1.1702376301767.63346964
.reurl.cc/	1970-01-20 16:54:22	Name: _gid Value: GA1.2.2052360573.1702376302
.reurl.cc/	1970-01-20 16:52:56	Name: _gat Value: 1
.reurl.cc/	1970-01-21 02:28:56	Name: _ga Value: GA1.1.197797429.1702376302
.prnasia.com/	1970-01-20 16:52:58	Name: __cf_bm Value: kSYR1AI985TvoAcoUsnO_S0sFS4GNL8Y7BT9TXiytVQ-1702376301-1-AbDzDeP7LMNv7j2tSxW6TIh7XRZAfQNvHaaZhAWQXco7CGAnknKr9bYDWYFCWHu1lFedGw+jotRoEFDvA98Ujlc=
.openx.net/	1970-01-21 01:38:32	Name: i Value: 5639128b-8d49-498a-b6f2-80ab412ef5b8\|1702376302
.reurl.cc/	1970-01-21 02:14:32	Name: __gads Value: ID=df42ae11c4e28d27:T=1702376301:RT=1702376301:S=ALNI_MZMN40TTD-lBk1zYS9HHmH2IvFO2g
.reurl.cc/	1970-01-21 02:14:32	Name: __gpi Value: UID=00000caa9a445f83:T=1702376301:RT=1702376301:S=ALNI_MZ-BBlJ8lvXO48CFINLEFfIrYKZKQ
.openx.net/	1970-01-20 17:14:32	Name: pd Value: v2\|1702376302\|jElYiuvOhI
.doubleclick.net/	1970-01-21 02:28:56	Name: IDE Value: AHWqTUlp23lryXXDspJFBDAiVSuEt6uVZ9pUkq_Hk09L7pZhJPe7gHRcE1cKMEyHJY0
.reurl.cc/	1970-01-21 02:28:56	Name: _ga_N394QBRGC0 Value: GS1.1.1702376301.1.0.1702376302.59.0.0
.adsrvr.org/	1970-01-21 01:39:58	Name: TDID Value: 25022a30-8efc-4e5f-8757-6eed4e5bb110
.socdm.com/	1970-01-21 02:28:56	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzAyMzc2MzAyfQ
.adsrvr.org/	1970-01-21 01:39:58	Name: TDCPM Value: CAEYBSABKAIyCwjmqsLpzMG9PBAFOAE.
.crwdcntrl.net/	1970-01-20 23:21:43	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:21:43	Name: _cc_id Value: 5697a9a9f20e5603de50fabcf4c69a21
.openx.net/	1970-01-20 17:14:32	Name: univ_id Value: 537072971\|25022a30-8efc-4e5f-8757-6eed4e5bb110\|1702376302460722
.reurl.cc/	1970-01-20 23:21:44	Name: _cc_id Value: 5697a9a9f20e5603de50fabcf4c69a21
.reurl.cc/	1970-01-20 16:54:22	Name: panoramaId_expiry Value: 1702462702389
.send.microad.jp/	1970-01-20 19:02:32	Name: TR Value: 538ef476683f9c7069fd362dad863ccc161d6c812cb15613
.casalemedia.com/	1970-01-21 01:38:32	Name: CMID Value: ZXgzbpgZYJZIwfjOOHlm0QAA
.casalemedia.com/	1970-01-20 19:02:32	Name: CMPS Value: 5469
.casalemedia.com/	1970-01-20 19:02:32	Name: CMPRO Value: 5469
.doubleclick.net/	1970-01-20 16:52:59	Name: DSID Value: NO_DATA
.ladsp.com/	1970-01-20 16:52:59	Name: cr Value: 1
.ladsp.com/	1970-01-21 02:28:56	Name: smn_uid Value: 9qh64sRZP91teYNh8KOpLhA8ZAuHkVY
.ladsp.com/	1970-01-21 02:28:56	Name: lum Value: COfQo-zFMRIFCAMQ0AU
.doubleclick.net/	1970-01-20 21:12:08	Name: APC Value: AfxxVi7PsGV9C2Kh6GMfuT_9ozzKhHEcoP8wlaV_7MjCnmX8AF6tyQ
.reurl.cc/	1970-01-20 17:36:08	Name: ISMD5VERSION Value: 1
.criteo.com/	1970-01-21 02:14:32	Name: uid Value: 18cce0ae-7066-4a3c-ad02-a1b05667f7e3
.criteo.com/	1970-01-21 02:14:32	Name: receive-cookie-deprecation Value: 1
.holmesmind.com/	1970-01-20 16:54:22	Name: fcm Value: 1
.hinet.net/	1970-01-21 02:28:56	Name: uuid Value: b081f490-404e-4339-93b0-c73e80dbd3a2
.lndata.com/	1970-01-21 01:39:01	Name: admckid Value: 2312121818221488453
.holmesmind.com/	1970-01-20 17:14:03	Name: Vision Value: 20231212-23:59,20231212-21,20231212-21,20231212-23:59
.holmesmind.com/	1970-01-20 17:14:03	Name: C Value: null
.holmesmind.com/	1970-01-20 19:17:53	Name: RK Value: null
.holmesmind.com/	1970-01-21 02:28:56	Name: P Value: 944491-cWeK4Jdh2qEwcvxRgGEzjZZX89iceQ9H
.reurl.cc/	1970-01-20 17:36:08	Name: CFFPCKUUID Value: 9330-SgQmSnDPaA4jT2ZwcFLrHn2v3LXaWOym
.reurl.cc/	1970-01-20 17:36:08	Name: CFFPCKUUIDMAIN Value: 2765-T5NLwNUTFkT73LOvoAGgLUqZhEc6LEiZ
.reurl.cc/	1970-01-20 17:36:08	Name: FPUUID Value: 2765-ac69bf05835fe423366c58eacb786977
.reurl.cc/	1970-01-20 18:19:52	Name: truvid_protected Value: {"val":"f","level":0,"geo":"JP","timestamp":1702376304}
.reurl.cc/	1970-01-21 01:38:32	Name: __htid Value: b081f490-404e-4339-93b0-c73e80dbd3a2
.reurl.cc/	1970-01-20 16:52:59	Name: _ht_em Value: 1
.c.appier.net/	1970-01-21 01:39:58	Name: _auid Value: SsGr5q_FDcGpXhYGcDN4ZQ
.reurl.cc/	1970-01-20 16:54:22	Name: _ht_50ef57 Value: 1
.reurl.cc/	1970-01-20 16:54:22	Name: _ht_hi Value: 1
.holmesmind.com/	1970-01-20 17:14:03	Name: R Value: null
.holmesmind.com/	1970-01-20 19:17:53	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-21 02:28:56	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.doubleclick.net/	1970-01-20 17:36:08	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 19:02:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In5r*w!Q!]tbPl1M>e)ZlrFUfJ+tGXxoLAN2qAUHuc'B%8eZ^c?j+8xZyg[8/@H'u%$13If)y3KL9D3I?+m8WrL%
.adnxs.com/	1970-01-20 19:02:32	Name: uuid2 Value: 7754404616721475806
.socdm.com/	1970-01-21 02:28:56	Name: SOC Value: ZXgzcsCo8XYAALgpzUoAAAAA
.media.net/	1970-01-21 01:38:32	Name: visitor-id Value: 3453779060033256000V10
.media.net/	1970-01-20 17:13:05	Name: data-g Value: CAESELshdkx25YtPwV9qQ15GZ2I~~3
.yahoo.co.jp/	1970-01-21 01:39:58	Name: XA Value: akek481ingcri&sd=A&t=1702376306&u=1702376306&v=1
.yahoo.co.jp/	1970-01-21 02:28:56	Name: XB Value: 54347lhingcri&b=3&s=pi
.yahoo.com/	1970-01-21 01:38:53	Name: A3 Value: d=AQABBHIzeGUCEA_Ju0fM3FMHdnCfGmzmopQFEgEBAQGEeWWCZQAAAAAA_eMAAA&S=AQAAApf7bCh8E0SgbamSEJQb9v8
.dotomi.com/	1970-01-20 16:52:56	Name: DotomiTest Value: 488b6115efc2215
pixel.rubiconproject.com/	1970-01-20 19:02:32	Name: receive-cookie-deprecation Value: 1
.reurl.cc/	1970-01-21 02:14:32	Name: cto_bundle Value: TTt_9l8lMkI5U2VnejBiU0ZUR2xpdVdMVjFhN3BqWjZvelVCTUNTTFVuazBJJTJCUXJnaGt4cWdEQlc0eWtZeTAwRXNUd1JWZnFHbzhLSG1uQ1YzQlU1UGVpRnNRd05MU0lRcGpjcWklMkJSWnBiMWVQa2RMUDhWJTJCZldsdlRvRDNGT1FzJTJCY2tVMHBMckFaWmM4UFNJSVhlcGlyOTlxakZnJTNEJTNE

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOCnngEijpO63Zgy5crsa6c&google_cver=1&google_push=AXcoOmRTYfn7NY3EBoY_K65gUGa61hJW-vSzoHVT-gLWG4-CIvV-PGtxSY4LDwXY508s55CZrU2OKh7fJFhHT8ylGLKbv9ZOgezZ-XpFcXIUutBnkSBSMERlRmAAUZ9lJVfCWz0hk7vSp5VdYT1Zx58o9zAJ Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5d4091faaf045b43893354b19c81d44f.safeframe.googlesyndication.com
a300e6897c0ff056ee0dbb93665dc348.safeframe.googlesyndication.com
ad.doubleclick.net
ad.holmesmind.com
ad2.apx.appier.net
ae55ec5e96ad21362dc8f4b21f6110a2.safeframe.googlesyndication.com
analytics.google.com
anymind360.com
asset.re-news.tw
b081f490-404e-4339-93b0-c73e80dbd3a2.t.ssp.hinet.net
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.holmesmind.com
cdn.jsdelivr.net
cksync.yahoo.co.jp
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
cs.media.net
dclk-match.dotomi.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
reurl.cc
rt.ad-score.com
rtb0.doubleverify.com
s-cs.send.microad.jp
s.trvdp.com
s0.2mdn.net
scontent-iad3-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tps-dn-ae1.doubleverify.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.rayskyinvest.com
scontent-iad3-1.xx.fbcdn.net
static.xx.fbcdn.net
www.facebook.com
103.132.192.30
103.43.90.114
104.18.35.167
104.18.36.155
116.50.36.71
124.146.153.170
13.251.47.187
13.32.50.91
13.35.49.123
142.250.196.98
142.251.42.134
143.204.86.119
151.101.1.55
172.105.221.29
172.217.175.66
174.137.133.49
18.172.52.86
18.65.185.40
182.161.74.11
182.22.31.252
192.0.77.2
192.0.78.236
192.0.78.24
202.233.84.8
203.75.214.136
209.58.171.197
210.59.219.34
23.45.56.26
2404:6800:4004:801::2002
2404:6800:4004:812::2008
2404:6800:4004:813::200e
2404:6800:4004:81c::2003
2404:6800:4004:81e::2003
2404:6800:4004:820::2006
2404:6800:4004:821::2002
2404:6800:4004:821::200e
2404:6800:4004:822::2001
2404:6800:4004:824::2002
2404:6800:4004:825::2001
2404:6800:4004:826::2001
2404:6800:4004:826::200a
2404:6800:4004:828::2004
2404:6800:4008:c03::9d
2404:6800:400a:80a::2002
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:929:5a03:1628:90e8:825a:7750
2600:140b:a800::17c3:5b8a
2600:9000:20c4:b200:1e:5c56:d400:93a1
2600:9000:20e4:2400:0:e06c:e940:93a1
2606:4700:3034::6815:6009
2606:4700::6811:efc2
2a02:fa8:c411:11::730
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:400::485
3.33.220.150
34.102.146.192
34.117.23.234
34.120.107.143
34.149.43.113
34.149.98.30
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.190.36.98
35.201.76.93
35.208.216.174
35.213.187.112
35.227.194.51
35.227.249.156
35.244.196.223
52.192.40.163
52.68.5.49
54.95.167.198
61.216.47.122
8.39.36.142
99.84.133.60
02cdbd2ac3e4e8084abdb1b577ee4f787bb441ad15915f0e5f247f35432654b9
03c4734142979d183658b38eb3c637ff9710cfda62aef744c893386a086cdb32
0601fd87040a1b8268fd9aa52cd65450f30d6269c356ca4e8c3c0d7d71c78e2f
08f0d97c27c36561af71b7619d23053ac3335a467f9df4e36a8556841457b832
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
0b4244649c61b071c525cc539bc1f2b35dd800e6f3cf68c032fbcddd50d17655
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d5335d48c1231012293aaa5a4c25e09f7503fb34e508e7fb4427a4e26286c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
1166784630ae8bef675556090064aab4ac668ddb3df39feadc899b406c5d41e5
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
15e2d6c7259db328b001cd7a860398341025f7daa6fd25b5ab30c4d6fa2c7d41
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1c934279a5712a2eac721aa250ced8a0612804fe7b020c8939e581b34ad0c1f1
1f67ed14fb7f61b7c2dd9137f1d97a4b8f6d2469977320452e846d16de6c997d
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
236858260a5b5a35991c9255afe177bdc456c017efd8edffbfa707662484987f
2a9371289c07d9374f645eedd6b6b88b1ff00314af7cc28a1aab087d369c2eaf
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c74d53b61eaafbecdd2b1e7d139628699d7f5637d88bf4b87ed1f73f28f1f7e
2c9a1bcd3d8193197c2b2b66dd5cb5ac0f6c5d7df46302f84fa27d1c61639a31
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
32904b2fe5f0857f592b27582d2f2dd0eb318adeae774720cbafbfd14adbeed0
3424a152479aee7ab4e7585f9c8305b4722391899e9d6233274ea865f772debd
354a8c772ee54f0794768cda3d1634463ee1cc620fb7dbc96bd0dde2fb2b2884
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
367a601747ab2ff04d19fd087d1d0a1dc7df29c05a3b3d002f4653b2daefd665
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3ca6b467640ef1a3b85c823360c85d57dd12a17d267cb2cbdae2650c64c791ef
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
432d901ea96ac3be844f2f177043fa0818e22ab8c8127939e2e86a919ae61102
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
439e5baf8106762d80a23f06355b6fee83c3f9b03d61fdf39daed28effe0743e
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
467bfa0c05c4624a5c44c7816b3ea9aa6c19a620bc1ccf49e9886cdbe9fe29b8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4727e445e47f5141bf5114c6d06666d91dc856e98f78cda08be077c51960a5fb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4befa326b38f0fc61c5227c39caef6044e3e60579c2dd48d814b20d1d5011740
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec7e2cdfaf63939b2388677506d602546be7d1a21a55e8ab672d34cbe6ea80f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fc703e8cd2b090a02c3d790930dcc1684f805293150f200ed18ac81df35a88e
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
597e1c2f51c0d64bd7ab56cec9dea9dd33d54b3e6afd6ce354aed2d32cd5b451
5a3dbe394548d605a1f8b1d563e02dd41f11cc5e153a5cfa9bd6620556a3d110
5ba664c72916c1601b2e25cd99ba0a13f3479b34e5666f7f25967c187a7c8c27
5c1a0cc0660ca4a75c7818fa364ba338d0057590fbbfb8ece381c6a22d6b7c61
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
5d7dbac87791e59386c79498f6799af7f06a5cb355a08711877fff9fd46bf31e
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
655163bff2a3eb050ff0c2f16b8f64bd49801e4025f9d6be04683c61e724fd40
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
6901497ba9f5c0414d450dd763729dc3cd7aef945f77cf28fe7e42ed76545f45
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e
6da09922041317a5c21dbcc3edfc9c08996fd01e2e164960e1454bc10eeb58d6
6e130a84f32acbb8f10ecc944bc9b0d27131df8e4f823fbaa047f14c84ec5e85
6e4cd86f53f4cea6ee3cebed2d7702255d8b1a0330be9271f1cdd124c92ef450
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
730863af2f42f8b0a58a1d0297a6b09f8b96e34cb36f023d3ba539644f26ed58
74293afa95dcbd91642f02400175667775e99f363ad58444d7463670f89797ff
74687619d19b6aab5fb64d2a418337b20ca4332c3971bb34f55490d0a3c47552
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
77346cbb67be753c266961545d64638a6bd8771c1031ff30846e36fba0b786f9
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
80681585e3e5eda2d4eb799a13afa40d0546a234fde891115de6fd4ec614b47e
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8538ac8affdd67f70b035156cbf6303a83988bff319be7eb3d61cdd61be84926
85471e5e51bc58825f357a0ecfdbf31b107bd12b5b9e994901b41865c69458d1
85860504237da19e5fe0e00064ba0500bb820d783912adb6faa56af971a774c5
87ae91e390e5e2738143bfe09cfdd67f215aa3d7ed025ca8e0bb2fb1f18f2ea3
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8d22e8674996add266e802e3bbd788292e2b94866193047a2811ee27d86d46b6
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8eb65a15bd7e425911056fc9d4e8094ebc85a20ea1cbff1b9840a4f00fb06a07
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94266a7f36a63edc3463feae8ed94ba779d71c4afbc685937d946bb41c3ab593
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
990706829aa2bca47e97f5e8968b4cf8841c7c54c2ca26deb6be90dd62fc9310
9a74492dc88a6371d2e968bd8c85ece5eaabeb0a2eb34f0b3fc6c5d7a63d0321
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a101cec1294a2ccd468a17a0a29b5cdd7463aab33d99c348b7cf6e5f86f85063
a16e447dbac1f308581f17e1b89a25b2043cb3b7674865358c8bbcfb839ab0ae
a3f88aff30bbf3ef655fbe0e8ec14e0f9a6d7eb8c61ee1d1bfc78d56e6515df8
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a94199168409e1a324f541a1c9e80dea86b0fa9d7d4355c829cede7f43881006
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a9d9e361051bd03c3a9a77b5074a74a925182b0e0ac02abee63e838b305311bc
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af371a51c66d9ea95923d3c614a5206fd247939e4aed97e2be28432fa6ab515e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b31d04859fc21cc6be5174c6e175a091d8b5ffc74cfa92126cdbc5b9545c97b2
b49a12beb106da40e2e93ad075a7efd4dc6e182e4c31fe583caeb5ea7bea8d8c
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b5150c2d8be008e41735325a2c448dbf3f9a67133b98c5d990c802649172869e
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6aa54bfea18eb207226352cc2a01e174cc06d752cb141189fe0bd67b38ca0ce
b82fdbc474d8380a69fa34d303b8af0df698743e7c2d7f6d919c90d06c6279f1
b8ddda03beeb8f92bb2a33bc873956dcb7601ef13f416c9912f953ebc122b391
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
ba19c4add3cf65d9545c4af3d45a258c6b1a74ad50303595286e93b868dbe88c
bac33d253c0404566e1b4cc08e6a81ea5d222ac3d5ecc3d4049f24e530837121
bacb069d5133f9f5a54d6f82725068ab0a34f860a1d195036769fdae208bb736
bc62be07d652f0c17d0ac238df52c7f628e1a00836060ac88493bcf1c5f328f7
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
c095fd0595e1cd5f3b78dcc04a60403cf94ac140a6a9fe6193c943c086d04fc7
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c3407b0f863ae7b317fe7d42783fa6fae9b38e3de51ba4fe7886cab5f0eac8e3
c42ee2281367f446e5bf2789698ad1c32483669af9384abacb43029517555393
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7a230951774a1e4124863cab4f66f6660313eb167e4a09749a8f04082750abe
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c83e5e23e9ec5d43acf4246c7fbfb676ad03f65e041fcfb7e8a7f7db707e401d
cd58f9d5c4f615c9a0f71904bbb53af0c3c4d068560c17f83a9f5b95c73b9236
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d39229f8f30f9d7c40b186b83700a7c300ff6d8e09cee9a05fccde6384813bd8
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d6aa42439d6acdb1b8c427de1e4cdea34f4c0053544b956c43c554d7c53c14b1
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea75147436a6b5a51c64c3be82d1c848b32d1758611ccd54ab7e6de10d833b97
eb4a0050b78fffb48df0b9845aaee9aeedfe0871e540633619710d8c9c601a2a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee0333bac53e13791c2839cdf75c14fa96fe7e2e9c685763d472897f865e6571
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f9e5168f44d3bf94e4cfa28c017cafa204601234d2c0f1ba260edc4d90252c7e
fa838177ca10bab53b29da1d0f8de3070a4c650ee4decff5b6ecefa4e62a5727
fac9e3fb8e9e7e05984d7a1a5fe2a1c09505d7dff0759da966e41ad2786f27c2
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fe8525e548365fa0470fc7e4bc895a0797864161112b2a5561ea911438b293b7

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

349 Requests

89 %HTTPS

37 %IPv6

55 Domains

89 Subdomains

73 IPs

7 Countries

5981 kBTransfer

13156 kBSize

62 Cookies

21 Outgoing links

Redirected requests

349 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

349
Requests

89 %
HTTPS

37 %
IPv6

55
Domains

89
Subdomains

73
IPs

7
Countries

5981 kB
Transfer

13156 kB
Size

62
Cookies

349 HTTP transactions
9 data transactions