urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 19 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 8 countries across 55 domains to perform 517 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 396982 (GOOGLE-CL...)
2 2a04:4e42:400... 54113 (FASTLY)
5 34.149.98.30 396982 (GOOGLE-CL...)
1 151.101.1.55 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
42 2404:6800:400... 15169 (GOOGLE)
5 2a03:2880:f10... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
29 2a03:2880:f00... 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 61.216.47.122 3462 (HINET Dat...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.0.78.24 2635 (AUTOMATTIC)
1 35.185.136.122 15169 (GOOGLE)
1 35.244.153.44 396982 (GOOGLE-CL...)
1 2600:9000:20c... 16509 (AMAZON-02)
1 192.0.78.187 2635 (AUTOMATTIC)
25 2406:2600:4::1 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.65.185.71 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
1 10 2404:6800:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 52.74.215.70 16509 (AMAZON-02)
4 34.98.64.218 396982 (GOOGLE-CL...)
77 2600:9000:20e... 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
34 2404:6800:400... 15169 (GOOGLE)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 124.146.153.165 2514 (INFOSPHER...)
1 35.244.159.8 15169 (GOOGLE)
2 2 99.84.133.60 16509 (AMAZON-02)
11 21 142.250.207.34 15169 (GOOGLE)
8 116.50.36.71 18046 (DONGFONG-...)
10 52.68.5.49 16509 (AMAZON-02)
2 34.95.67.231 396982 (GOOGLE-CL...)
2 52.194.85.18 16509 (AMAZON-02)
21 203.75.214.136 3462 (HINET Dat...)
2 10 35.201.76.93 396982 (GOOGLE-CL...)
8 35.227.249.156 15169 (GOOGLE)
16 18.182.103.101 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 18.172.52.51 16509 (AMAZON-02)
9 18 2406:2600:4::b 55569 (CRITEO-AS...)
1 209.58.168.56 59253 (LEASEWEB-...)
7 103.132.192.30 138552 (RTBHOUSE-...)
7 210.59.219.34 3462 (HINET Dat...)
14 28 35.190.36.98 15169 (GOOGLE)
14 14 172.104.70.67 63949 (AKAMAI-LI...)
1 18.65.185.12 16509 (AMAZON-02)
2 143.204.86.129 16509 (AMAZON-02)
16 2406:2600:4::12 55569 (CRITEO-AS...)
9 182.161.74.11 55569 (CRITEO-AS...)
1 143.204.86.126 16509 (AMAZON-02)
1 35.208.216.174 15169 (GOOGLE)
48 2404:6800:400... 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
1 142.251.222.6 15169 (GOOGLE)
2 23.35.112.238 16625 (AKAMAI-AS)
2 2 2a02:fa8:c411... 399104 (CNVR-APAC)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 35.213.12.39 15169 (GOOGLE)
2 2 35.76.193.82 16509 (AMAZON-02)
1 1 51.79.154.9 16276 (OVH)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 141.95.33.120 16276 (OVH)
1 1 35.208.249.213 15169 (GOOGLE)
1 13.35.49.78 16509 (AMAZON-02)
1 13.225.183.98 16509 (AMAZON-02)
2 3.115.150.138 16509 (AMAZON-02)
2 2600:140b:a00... 20940 (AKAMAI-ASN1)
7 23.195.84.51 20940 (AKAMAI-ASN1)
2 34.149.43.113 396982 (GOOGLE-CL...)
2 3.24.107.100 16509 (AMAZON-02)
517 71
1    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.1.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
1    2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
42    2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
29    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2404:6800:4008:c13::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2404:6800:4004:811::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
1    34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com
asset.re-news.tw
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    2606:4700::6811:efc2 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    2606:4700:3034::ac43:961f (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    35.185.136.122 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    35.244.153.44 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.153.244.35.bc.googleusercontent.com
www.rayskyinvest.com
1    2600:9000:20c4:6000:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
25    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.65.185.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-71.nrt57.r.cloudfront.net
tags.crwdcntrl.net
9    2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)
26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com
6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com
87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com
93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com
e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com
9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com
10    2404:6800:4004:818::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.74.215.70 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-215-70.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
77    2600:9000:20e4:1600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
9    2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2404:6800:4004:813::2001 (Australia)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
34    2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.153.165 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
jp-u.openx.net
2    99.84.133.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-60.nrt57.r.cloudfront.net
cr-p3.ladsp.com
21    142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net
cm.g.doubleclick.net
8    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
10    52.68.5.49 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
2    52.194.85.18 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-85-18.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
21    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net
10    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
8    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
16    18.182.103.101 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
3    2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    18.172.52.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-51.nrt20.r.cloudfront.net
cnt.trvdp.com
18    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    209.58.168.56 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
hb.aralego.com
7    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
7    210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
28    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
14    172.104.70.67 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com
gocm.c.appier.net
1    18.65.185.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-12.nrt57.r.cloudfront.net
go.trvdp.com
2    143.204.86.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-129.nrt12.r.cloudfront.net
stg.truvidplayer.com
16    2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
9    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
1    143.204.86.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-126.nrt12.r.cloudfront.net
s.trvdp.com
1    35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
48    2404:6800:400a:813::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    142.251.222.6 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f6.1e100.net
ad.doubleclick.net
2    23.35.112.238 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-112-238.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    2a02:fa8:c411:13::1370 (Amsterdam, Netherlands)

ASN399104 (CNVR-APAC, US)
dclk-match.dotomi.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.76.193.82 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-193-82.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    51.79.154.9 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip9.ip-51-79-154.net
onetag-sys.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
1    13.35.49.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-78.nrt20.r.cloudfront.net
ajs-assets.ftstatic.com
1    13.225.183.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-98.nrt57.r.cloudfront.net
agen-assets.ftstatic.com
2    3.115.150.138 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-150-138.ap-northeast-1.compute.amazonaws.com
d9.flashtalking.com
2    2600:140b:a00:e::b81d:8cd4 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
7    23.195.84.51 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-84-51.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
stat.flashtalking.com
secure.flashtalking.com
2    34.149.43.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.43.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
2    3.24.107.100 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-107-100.ap-southeast-2.compute.amazonaws.com
ad-events.flashtalking.com
Apex Domain
Subdomains		 Transfer
125 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 132288
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925
fcm.holmesmind.com — Cisco Umbrella Rank: 210108
fcm2.holmesmind.com — Cisco Umbrella Rank: 154750
c.holmesmind.com — Cisco Umbrella Rank: 107592
m.holmesmind.com — Cisco Umbrella Rank: 190604
ad.holmesmind.com — Cisco Umbrella Rank: 104322
762 KB
91 googlesyndication.com
26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com
87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com
93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com
e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com
9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com
506 KB
69 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
1 MB
43 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
bidder.criteo.com — Cisco Umbrella Rank: 776
mug.criteo.com — Cisco Umbrella Rank: 2811
66 KB
42 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 52931
gocm.c.appier.net — Cisco Umbrella Rank: 2197
7 KB
25 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-iad3-1.xx.fbcdn.net Failed
555 KB
25 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
359 KB
21 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84860
cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net
26 KB
13 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 923
d9.flashtalking.com — Cisco Umbrella Rank: 1842
cdn.flashtalking.com — Cisco Umbrella Rank: 1337
ad-events.flashtalking.com — Cisco Umbrella Rank: 1667
stat.flashtalking.com — Cisco Umbrella Rank: 1843
secure.flashtalking.com — Cisco Umbrella Rank: 2874
71 KB
13 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
5 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
579 KB
8 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 161265
4 KB
8 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644
3 KB
7 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 92120
15 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 116978
storage.reurl.cc — Cisco Umbrella Rank: 432247
6 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
28 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 489
tps.doubleverify.com — Cisco Umbrella Rank: 505
tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 15385
106 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
194 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
2 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 38270
go.trvdp.com — Cisco Umbrella Rank: 34674
s.trvdp.com — Cisco Umbrella Rank: 30609
136 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 re-news.tw
storage.re-news.tw
asset.re-news.tw
re-news.tw
81 KB
2 ftstatic.com
ajs-assets.ftstatic.com — Cisco Umbrella Rank: 2804
agen-assets.ftstatic.com — Cisco Umbrella Rank: 2372
30 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1442
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
882 B
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 27502
3 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
718 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
515 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
58 KB
1 mediago.io
gtrace.mediago.io
464 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
383 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
609 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
640 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 17722
526 B
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 27242
595 B
1 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 30104
170 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
857 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5797
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
612 KB
1 creditcards.com.tw
creditcards.com.tw
43 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
629 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 534895
42 KB
1 racingcharger.tw
img.racingcharger.tw
127 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
92 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20760
43 KB
517 55
Domain Requested by
77 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
reurl.cc
48 pagead2.googlesyndication.com securepubads.g.doubleclick.net
reurl.cc
tpc.googlesyndication.com
www.googletagservices.com
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
pagead2.googlesyndication.com
42 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
34 tpc.googlesyndication.com reurl.cc
cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
googleads.g.doubleclick.net
28 ad2.apx.appier.net 14 redirects reurl.cc
25 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
25 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
static.criteo.net
21 cm.g.doubleclick.net 11 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
reurl.cc
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
18 gum.criteo.com 9 redirects static.criteo.net
18 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
16 bidder.criteo.com static.criteo.net
16 ad.holmesmind.com cdn.holmesmind.com
14 gocm.c.appier.net 14 redirects
10 c.holmesmind.com 2 redirects cdn.holmesmind.com
10 cm-dev-poc.holmesmind.com cdn.holmesmind.com
10 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
9 mug.criteo.com reurl.cc
9 www.googletagservices.com securepubads.g.doubleclick.net
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
8 m.holmesmind.com cdn.holmesmind.com
8 cm.lndata.com cdn.holmesmind.com
7 prebid.scupio.com cdn.holmesmind.com
7 prebid-asia.creativecdn.com cdn.holmesmind.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.facebook.com reurl.cc
static.xx.fbcdn.net
5 storage.reurl.cc reurl.cc
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
3 stat.flashtalking.com reurl.cc
3 cdn.flashtalking.com ajs-assets.ftstatic.com
reurl.cc
3 x.bidswitch.net 3 redirects
3 cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net cdn.holmesmind.com
3 googleads.g.doubleclick.net reurl.cc
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
pagead2.googlesyndication.com
3 analytics.google.com www.googletagmanager.com
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
2 ad-events.flashtalking.com reurl.cc
2 cdn.doubleverify.com ajs-assets.ftstatic.com
reurl.cc
2 d9.flashtalking.com ajs-assets.ftstatic.com
d9.flashtalking.com
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 pool.admedo.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 servedby.flashtalking.com 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
reurl.cc
2 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 fcm2.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 oajs.openx.net 1 redirects reurl.cc
2 www.google.co.jp reurl.cc
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 cdn.jsdelivr.net reurl.cc
1 9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tpsc-ae1.doubleverify.com cdn.doubleverify.com
1 e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.flashtalking.com
1 87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tps.doubleverify.com cdn.doubleverify.com
1 agen-assets.ftstatic.com ajs-assets.ftstatic.com
1 ajs-assets.ftstatic.com servedby.flashtalking.com
1 gtrace.mediago.io 1 redirects
1 onetag-sys.com 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 ad.doubleclick.net 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
1 s-cs.send.microad.jp 1 redirects
1 3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 go.trvdp.com cnt.trvdp.com
1 hb.aralego.com cdn.holmesmind.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 tg.socdm.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 re-news.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 asset.re-news.tw reurl.cc
1 storage.re-news.tw storage.reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
0 scontent-iad3-1.xx.fbcdn.net Failed www.facebook.com
517 98

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-12-10 -
2024-03-09		 3 months crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-27 -
2023-12-26		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
asset.re-news.tw
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
tls.automattic.com
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
re-news.tw
R3		 2023-10-29 -
2024-01-27		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.lndata.com
GeoTrust G5 TLS RSA4096 SHA384 2022 CA1		 2023-12-04 -
2024-12-07		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-27 -
2024-10-27		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-14		 a year crt.sh
*.ftstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-06 -
2024-03-08		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2023-07-19 -
2024-08-19		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-05-03		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
ad-events.flashtalking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-17 -
2024-09-03		 a year crt.sh

This page contains 79 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 945919FD6302F5E7393C207465580499
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: DD15A48325ACECE23CF9FDE9E96EDA61
Requests: 34 HTTP requests in this frame

Frame: https://26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 92FC94AAC478B89F76FE3ACD3A4F1D52
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9CBD79710B3F6736781B749FC0B4FA3C
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7QhRyP2j2jEuEEg0hV6eI1UvhzxQv8xa8Nc9xaxuUXRvyVxUSL9kOIas_lw2cOSogG-2e9HwVh0xnrBZk8qspaPiLyJOzWIx_3TxxoKbP_ygQ2N_SjefgeBtKrtNXGAwV4jEb2HUms_luEpSh04LBYGymiKTWLzFm50qJqYh2oUcRQzdbtXtyWz4HqJ_VfYuqvoMFQLRVOfdCxPz3_i5engXOoCxDi3O5n9ROgU-W-OhsPzKoruULsoo-hRIlHGND1C_V8PFC1s3yVKZ3OFOlkbAXwDHPcRVx_OqIFjHrlNpcSfIHcwfmBlRFPmye-SyBk4Jm_608FisZaSiGJ5z94B9B6pYSFvkaF0r4FwYCvEZWmE1h42g1A9ut_6bF2TjdkbJ2AtKfmKM&sai=AMfl-YSOItZnywW4Q9Tb0ZQNAP-a9mDn_HQJw95yCrlBSc6Ny8l4YhJE2iSVjvBV1jW4WupA-JrrEksvgU6v5YUlnj9sCg8fmYo4_-U5UgZEFe9Mw5-Qj_URjkdjKLLRdmAg6zErl42KJpb220rV7GEIZ3aK&sig=Cg0ArKJSzMrtSakyQR27EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 28C7AB9C5FBE11DA42A50AD19A8FF1C9
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 01D3F8203EC598D2A8EE84F8F25E95B7
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyCW7OTQHK5nwblIw-irW3kwiHHvJ1F4aOZgIDIrT5h7EQ0Y5Aw36fPh4fiWiWm8LKaWHcEr7fsLpGGs9GMNwXd31xncyR5uFdHLrM_GL63XTFo7nI7ZyeC4N4sN7jZp6U5Ht9x7EE-ThOV881U6xmKBunxVMhKEpQSPT62heeT1-aSw8RnK3sCsUNR9ESCOMSgl5lnUTu0bZL_xXRlkpsph9MpI3w3QY1PHYbgM6uWaaJXt9is_DdaTXcIzRL2dqvC3ZkTsn9qe6nVC1zOtHrV_rQvejAUb-w8GeDBOOA1ft3AArHumYLev8JRNn-7jQ5gO39tqIE0bJ-p6giXURaY_tgRs837R6v8dD8YaJYP6Gzlf1hSzCoCDg11UVi--zqdpLyP42jalA&sai=AMfl-YQJ2MopOUpQrsMwkTlF0sp2WXEFWe-l6_dF0Hxn0n4n9N6wZjykOb8t4tiZGXOHHy-nxWfQyP4AFkf6zrRcY_ssBcW8O2jeFA9ZAbeWbvvhMlUkVckSufDg2uwpdicHKZNBEoL7P_-_IVuDUlsZjkBQ&sig=Cg0ArKJSzCDrgqhl6ob1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CB762992887753948775CFA4AA8ABB72
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 850C7DC2673388E59D28D79EA97D0697
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 303CBDC04AD965CFB645DC607B851D39
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 7EEFF84C6DD0FD33DCCBC01C48DA3B07
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: E3DAA13537BBF94FA53CB62FBED68173
Requests: 21 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: A69CB7895B76EE80A88E1ACEEB589D07
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 426C27CAFB61CC16C61F71B565AC4431
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 31FAF482C211BC9D28786A6CD01422C0
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: BEEE1A4D5D240A47DE5A146A912CD4E0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvprB0PTV2YXyqUJW_OWi2qfD-hlG-p1_jGgLWTlAQyH9W4kJJNeQLEeBG0WzG978evcKaopGcW6Xv8hRa5MKokXQbzCiFEsnYG1VrKbFGlA2YwftHGi5PfJQndDdzMDRDt-f06pcuxwL_rpHmq4ju6Ub7Ym0ZmO_VvpwSrZzRkxIJfYQfJXtlg-VHXpUx6CEHV7YfwDb3ToOEnJDgGfitDe3KCVNvi_AL6I2DwZAdUqOoJG3Os1ZkuIehqKUtYQ1-C4yDCI2upR4qW53yNxVBZBD2YRzdlnWae-FG7WUEPGupg0pcGP6q8XoCuyJgpzXs9gDMXh3jioYWA8FjR37h1rbNWTWqN4nbkXxrWhwrP7ewY-NKGT94LsyyN1HUUuhSr-hbscw&sai=AMfl-YRP9ug7SB-fTwRpQZJPodH7VSYGKVtDIxcCNEvk2qsYRpbZqoXt18no2NOJSLs-V9H_P4HO1jxd9EaWyAy4FwxLX6YXw5ebNKjsGuB-Bca01tb3oceaU67OvM8BIVOMxFe-DTTprSE_-FbZ9ZzhiRUo&sig=Cg0ArKJSzJVd7ctG8KTfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 4BD9A0D8CE699B870FD8380C568335B3
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 8930EA1CB4A49AB97391A27B1EF2D282
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 6C7CC5093B0E9C35381FD093AF444D7D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 51657ED0169E662421F28C81E4AD3036
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Frame ID: 6DEF851D16175218DB7E1A9ACF04D264
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: CA5F459A4E36648BE47E7D357C74548E
Requests: 21 HTTP requests in this frame

Frame: https://6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 7AD1DD5AEF40AB584BD571E13CA1EF12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE1EB4E10901837D926C288CDDCF4A19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62B594878273959078FD2FAEFC411648
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHS7NDbbjcTQBcRU9vHnuUeUponxvo420nNtJTqpO5ENDiKnx1Ws8TJ-kuTz6XqIjhTs25lmAd9w-W0xi5PTIttgv9oBQF6pVXM6RVjAtwiKTZ416OhXc31Bq66sYAJe1W16QX0r0spgfxVYJBobwPIylQLH0Zsbtx7HseKg-yeey_Dsq17Nj0yPByoAECoQiu6DspOkvXVQUZi85W_g5ee0gOOH5qRSspoRChaSTfw38HW5RCenzbBhrPy25vP026getZGrAFUZpNLJyZMVKNtW_1YsAR-JPzD-oKdVuHQ3OJ6IJk9_2xK6KjwVbdQOylbNyVNDjlmR6maL0nqJOR8Z5S10iOVsE2uPManRbAfC4LA6z2lC_PxjVVA5uqeSfWD6YPBc2bC_9i3cWGfWbWlA&sai=AMfl-YTvIN-Htg2NYVZjv4erJfCcvxSi2D-u1He0wdp3CXHX5hLBJHSqSYSbhbphvCM_XydwoTuZDSJdLqWHmDRlIewvjbv7p12GFIVIFtDNW7Kb1Tu79Xuyes6n3LPyuXs&sig=Cg0ArKJSzMGp2IDP5OduEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: DE4A68548814207B397C2BEA4EE9340B
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Frame ID: CF86F5D87C6137DB8F6C9B6754032C0E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 0EB028C75A728BCF75C312AB39FCB297
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4839F7EDE372EC195247687A70FEC42F
Requests: 6 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702982073&level=0
Frame ID: D6670D121A8AF8B7469C8E92322766B7
Requests: 1 HTTP requests in this frame

Frame: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 38F87E891C3672D2012396786ECFD0B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E2B1E1BAAC3132B0A4B3DAC11173CD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C60EB43B538A3AC5964448002D13D72
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 12CF790A312C1CD689AF72E85312590C
Requests: 6 HTTP requests in this frame

Frame: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: B5AA61960B4A3582EA908521491A7AF5
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYneCIgQIwAQ&v=APEucNWpoUOKA928kgwvaUu33NWyS6ecuJ0ibPQCGKiAOTFKBJS8vIo_kphzCfBLJGJQGKu6omXrg19Vp9AkEj111tWoLYsJWA
Frame ID: 1023FE936A78EAE77514BBE76FDFF835
Requests: 4 HTTP requests in this frame

Frame: https://3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 2F4CB7EBE3685CC9AAB8EB60D1C4D99C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64BB6B065F7E054FEACAEF4A25804DBB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A5B9B88B93671B2F062C86998C85FA9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 887CA1AFF265ABF2B6E6DFE061541182
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D973831E9C2D78A4D067A8FC7DA36D81
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudj9o1PFc1nlMsirxyLj3yENzjfyewNBvCbjqEVT-mvkf0khNLgTq6k80R-566plYQhKsHs8mtgXedQ9P7nti34KAT_zFnNFnkHIwFOFKxfsqxFFPRg7DSIi0cGKRwBP_zhPHVSrWtXACXWRg8K4kyxF3ZjTg1UR9UfzN1mV8eV58mhF1xDRzGSiwEfe9aEU1dDa_V7bHZ3l_mR9ivgJ5289ux1vnxLTv6L4Y8Y2D3Jju-hNEwSRZmpnO5nr4AS7zlvPQIzLRTfD9VXCc7oCcp7fQtPaaCZ63SQkqJH_kZlLBypgP84j2PCsQTIPmC4k9Z1HY8guUpo9CmgG1EiMVxckeIs0QJ8nqM7xv_BMtW1vHx2CcecsMkEJznKLBQ_C1Ur0UTBp0mdGB0tnXMUiOxxg&sai=AMfl-YTDxVHvyVt0-GtEhYcZgzO5zyWZ2TPJaHSq2f434EvusyV7Spv2eJ5glETSG317xLGUGz_c60jKnxcwyA1Qx7WBJvrFWROJlV4UjdbEguHiUEolWADchTCSf069Mb8&sig=Cg0ArKJSzCrhk9pPjz3rEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 32603E3FD3E737721A98BC932E6948BC
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Frame ID: 6E5B04D8661FDA767096416A0B25B710
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: F2881A3DC213CA2D637FB0D92F9854A0
Requests: 22 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5158.js
Frame ID: 54768728451EA3E170E45ED127B90B01
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 7F97AD3C90161D4550665BC8070D1301
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: C80CD38549B91C35ADC0AA75DFF95660
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 3A1A3DA8ED040EA003C665DA6E9418E0
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: A5A8DC448943C25ABECD0C8971F9A974
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: E7A2340C9AE09AF7733142EBEE65A596
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 217B85CFC0767B28F76D5934573BD68E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F9CFF8C9748A16F11EF093C4F22E942
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 36088611A9984DE620B365A785FF503B
Requests: 6 HTTP requests in this frame

Frame: https://87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=9
Frame ID: 76463B14C7B473781D6470105383CD4E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6F0B6E0F54E0332B19F8108FD36E543
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8178D5CDAB9F31F2CB7964D26852CF5B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT8kKTQfWTIkCv_2EcNO4CtWOkcd4Qde9Cdjlt1ep3Xl8Y1LABw-Vs8Isa9_BuSMrsL0_sy1lJuly-i_MEMGkqiYVV2O7s4QIhSxvs5BWgLKmo3m3SnIZARGY6vIXLWQngVDRagqQocAEmjwszoMdjiwXYK8S1Up4EhUaIJIrNIxOHQCWyew8fnzZDdD6SC_jJjKTWuzA2bDWJhIgwhAEk3XgcFqh90eSzqrbnJh7CydfM2Y5QRur52SGZn46F658phOmePipT5AVOU3JJrZZ9ZzN7r5lX8Cb_1qy92DguGgv98HbWW_TDbCV7C0pX1tojhcLMEdcvLCJZkez47W71o4TMJKN0FJSqJE3xooHHT8aR1APH8dyrlJ1kTGBrF3lZKeMnEm5fLGnSiUfnODi_Yw&sai=AMfl-YSGPQxzPz_mNTu9qta59fP53Ebu_55qyfe6suMd9Cx2IjRMZ6p68Map0FJ1NA8GL_LAyqQdcjpFBGiCZDKshFs3EyocW7oXHh1xFrG3v-USYc_dcwehg7iLgadAetg&sig=Cg0ArKJSzBo0Up25HCfJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5C0C11C7F473B1281F8CB3B905A1B321
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Frame ID: 246E228770EEA5533D935BCE3F15B76E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 98E1E312D8A55FB3B6066B461F44ACC9
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: C10DAB02BC04EB2B1583246CFAA312CB
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CFD76BEC3839CAD52C444A82A0F052A5
Requests: 6 HTTP requests in this frame

Frame: https://93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=12
Frame ID: 711D89CF678EB0E600EB07FCFC0A1666
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21294B9D7DC2B0C5E319E6355FAB5DCB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90748DD877C4BCF809AF30CCB71D2C94
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBC0XwSL0ULfIXacca_78Ktykc4M0oThdTnXl8JNybhPklUtFZT-wl6YebFZCOzeqjUdcYwpqiHF3RZAYlQdeqpwNTFqYKjRcRKvyMlwv7FvyMovIdyF31k52nDtFR8W4lFmwIJjqsx79TcCdFsSeHljPpUnwmSAfjXRP9e92EB-zrQfBmL1gmr_sP2492bDS5gZ8TY8IOuk-FMd5Rbsld4HtbYzzboLGisSg-tXbFCThJ4Fj0LZrYji-H7Fwg7TuJZdUgBQXJHHPKfI4tSttbE5eb4KKjBJVbjkVOXX5HtM88Ax5iB_GukYSEf5oAOKdRXdD5X7DIFeMdpb7ABCQ-54qPWhbDVeIOnXcS7dDDuQ14OADhe5sMqdaRyoMO6JsPtgnoToLsE34Zw1TFzkI9Rg&sai=AMfl-YT4wzBEaAPDb0oKTQWyhCSLK1CvGGfGTsRos8seQ1t8evHR-8UEmDuYhSVIUgIMzNPgWPXeGrLIan4svrEZhwQX4GAbIOS73mPwqIGfwXbidOlsr-x0QkO17wXy3gM&sig=Cg0ArKJSzECrkjNH4-jFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8EDE84043CA573932EF30BD518875860
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Frame ID: F8D9768BE8A51028BD8296F80AF89906
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 2E84A968C2EDCDE704A98966D5D2F662
Requests: 22 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 2AE9D6F112BD876A46450295A328EE0B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D30B3A530BDD21694F670E67D7110FAA
Requests: 6 HTTP requests in this frame

Frame: https://e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=15
Frame ID: AC841CB802370C86F11EFF70F8C6C2C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 481A0475CD8AF6FBC11650569CFE3512
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDB50333425D7EE7CEC181950F8169AE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcOM08-spInGk72sfHDXhFQHKI0ymKK8Kyh0WnhBklqMtnmOdpWrQQfuwDZMUt34cSDJMj2yEnfb0Oc53OtjL6MIAmfME1E6EVNz7uvUwDTYjc4ZKlHOrC20Z98ylZSX2w8q6qQ3sYBW8pPyDY_VB2udpoGMozOdyzP4xRNFA393ZFo20WgiZI7P7zwDJCC3ogb-ydYRaPVsddDeyBPrNwa2bXwEdYOCTR_pCjx85ZP4AF9rAsnMsSxYqZ2iINPmMmahefwDnzYAADUfu9oC33dOnKus8jH7nsda6GnPLP4e2yesY84QTO3-msekd_TsgtMQAn-QgOJxY_DPcU8DakQ6I8aflqO1sM2xulYKFhoMdSIqIMV-0oSBSakQAXXbguHix3rmRQOMCokjzklnyQ1g&sai=AMfl-YQJfkzhTlWVKexEMVmR7yYT_5EXdHRlmt0eInTM66NRuV3KWmNq0Mx_JeTQA2pysH79P-kCIuU9lbJifc3P3OcDGNFTuQzbMd_5YeX_gYfpjyGEZbEP7xp1RMcSgUo&sig=Cg0ArKJSzGbIP6J6p_WiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BB8E4D94BCDFDEA413918356B13C3538
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Frame ID: 49015A9C133F217040CD2786B83D619A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 1552966A054D4603562A102E80995C8C
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 0C29A6F1AE81C3E6653A345476D83235
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 225495834EB506FD639A7FF115FBAC3A
Requests: 5 HTTP requests in this frame

Frame: https://9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=18
Frame ID: 61E7FD248BCA4B160FA3712693EC91EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63A75FB718595D27F8296B52FBE9A648
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C9797270ABFA44BBB6A8C2D884C8B856
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

517
Requests

90 %
HTTPS

31 %
IPv6

55
Domains

98
Subdomains

71
IPs

8
Countries

7209 kB
Transfer

16655 kB
Size

67
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Request Chain 93
  • https://match.adsrvr.org/track/cmf/openx?oxid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8aafa3ec-3357-465f-8b93-db076ee3ab0b&ttd_puid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0&gdpr_consent=
Request Chain 94
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYFxt8Co8X0AABX4KdYAAAAA
Request Chain 95
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUGhGD1YvpeFks8AED41udsLSc8AAAGMgaQ0bw
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdtUh-64Is-6YR0l4B-83o&google_cver=1
Request Chain 108
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
Request Chain 114
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
Request Chain 120
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 147
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 148
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=3kVeXBdcDNanhgZQt3GBZQ
Request Chain 165
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=68ivNXxoTkhqMUttSnFDdU1PbVdZdTNFcitMMzV4M1VNbVdEakdLU0x6S2p2Zk5vUzEzR3RLNWRvWnJJZDRBQ3pLZjd4NkRlN2s1azFmdkFFR0Q5YmtReWRJUTJUSldrdTE4N2tweVhxTUdUcU90WHMvZ0M0blErclhMbnNiZUUvYW5sOU10RmhwQ2hCYURPajE5Q3BIaWJ6bVYyUGZWNTREbkw1MUpyMzdQZ1N5dTNJWjJIWmNadVV5SmxVM3VYcm1xWk5GU3pmT3MwMkZIRjE3cmtocFhGMDFNVDd3a1hxcllxRVFFaDlpbGVNRE4vK1pLZUorSExZTWhpSjBEYW5XcXFwRHZDSlBxejY2ZWVWNXJMSFk1ZU05QT09fA&cppv=2
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Request Chain 192
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 194
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Request Chain 237
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 238
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 271
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
Request Chain 273
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYFxuePqVg3LzPTvx101aQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
Request Chain 289
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_cver=1&google_push=AXcoOmSgW8pfQTSr49AmVQ5BegQUBWmGZfRkWCq8TuUIecownlemKUltd2FJ0xuoEU-aZh-y1SI7UW3uooTiewZikVKYwIIUjw4 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1e6967f065522a3&is_secure=true&networkId=14000&version=1&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_cver=1&google_push=AXcoOmSgW8pfQTSr49AmVQ5BegQUBWmGZfRkWCq8TuUIecownlemKUltd2FJ0xuoEU-aZh-y1SI7UW3uooTiewZikVKYwIIUjw4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALhdgkzpFofQMlH6bnAAAAAAA&expiration=1703068474&google_cver=1&is_secure=true&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_push=AXcoOmSgW8pfQTSr49AmVQ5BegQUBWmGZfRkWCq8TuUIecownlemKUltd2FJ0xuoEU-aZh-y1SI7UW3uooTiewZikVKYwIIUjw4
Request Chain 290
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhKsqTPQRoJ98TXtdc0BM0&google_cver=1&google_push=AXcoOmQZoK3rzR5PEmU3YjjzF9MEbUtRwpjYwVq76GLLKS3f8SWFQ7ui_eE4WUJEIV87lN4K6aQEzl2T8WUPS4WBBZYbVnZoAQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQZoK3rzR5PEmU3YjjzF9MEbUtRwpjYwVq76GLLKS3f8SWFQ7ui_eE4WUJEIV87lN4K6aQEzl2T8WUPS4WBBZYbVnZoAQ
Request Chain 291
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPYd5u3hV-45aTCKmT9PBFI&google_cver=1&google_push=AXcoOmTljda1qvg8xEuYOIhFoTAe1r657BVedgtZ8_FAgN5amhhs8txr6mFjxzxcjG2liyYyuCxoNd5QwiHwcm38LPwu6oOu_WI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTljda1qvg8xEuYOIhFoTAe1r657BVedgtZ8_FAgN5amhhs8txr6mFjxzxcjG2liyYyuCxoNd5QwiHwcm38LPwu6oOu_WI&google_hm=TKi7ffRETN6WiorscZhChKg
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBdf_-xCt8vKBiX95Q_tyzM&google_cver=1&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiINqzdAzQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBdf_-xCt8vKBiX95Q_tyzM&google_cver=1&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiINqzdAzQ HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fa2bf044-b486-4074-833f-b7d4c45cc3ec HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fa2bf044-b486-4074-833f-b7d4c45cc3ec HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3742a8a1-4200-456d-a7f7-319ef47d7fe7&user_group=1&ssp=google&bsw_param=fa2bf044-b486-4074-833f-b7d4c45cc3ec HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiINqzdAzQ&google_hm=-ivwRLSGQHSDP7fUxFzD7A==
Request Chain 293
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAiH90yXvEcOVmm_7_8PACI&google_cver=1&google_push=AXcoOmTGjI12wPvsqlyHQ712dmdUZulTXetiSay7oi3itbRxYIXoDcvwmjHqy--4qr2_6rOeM4_7kkECJmmsxAS-47qydSsm6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGjI12wPvsqlyHQ712dmdUZulTXetiSay7oi3itbRxYIXoDcvwmjHqy--4qr2_6rOeM4_7kkECJmmsxAS-47qydSsm6A
Request Chain 294
  • https://sync.inmobi.com/gob?google_gid=CAESEGZLP0G6uM54y2PW_hIaFdk&google_cver=1&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0 HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-6f83pJ2XamzJtfdOngFAzr03MVcoFggET41vASkibg&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=W98g83brqzlmPXLktsuv&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0&google_nid=inmobi_new_eb
Request Chain 295
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEKOaLep6fhWCdX0si0Fe4Q8&google_cver=1&google_push=AXcoOmRd3HiuxFw-5u_2Hh5IyLnhObyQry3wkf_ldfKQ07MkBN_ZKxoW7fKBhoV5I15l4ji0W_V92TUDhg9A9ujNLtbsy9onEGqz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRd3HiuxFw-5u_2Hh5IyLnhObyQry3wkf_ldfKQ07MkBN_ZKxoW7fKBhoV5I15l4ji0W_V92TUDhg9A9ujNLtbsy9onEGqz&google_hm=f5ef61caa8989bd923yo3f00lqc7k2fp
Request Chain 316
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Request Chain 330
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 331
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 358
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=G5XZNHxBdTZRc3NLaHQwMEVyaDZsNTdSZjJYOXNXalBCK1ZKNzRuWXJMK3BTUHhoTEtiTDFMcWFNOHcyejlycWtoVmpGbzNlY0IwYTFHc3Y3d09FNGp6ZVU4U2MzL2JPZWQ3dTFjemk2N3RPTHlnNXNVeFN6V3hNUVFZWUdoL0JuK3BjL25weEpBTUhaazNKU2U2ZDNEU2dmcmp6MlRSdmd5TXlXZVNrN3F2NUdna2w4R2MzU3Y2czR0UDEyYVBNS0NWTk96TW41ZzZxaytLRTFHeU5JdmZsTWxSaFlFeS91bWNtbTBmNi9ZSWVLK2hSNUF6QWYrdlc4WHhTem90N0xoNzRXRytNQ2t4cXJSVFdJajBwQWc1NkxzVWNsbncrOU12SEx1aG83bW1MeTRlaz18&cppv=2
Request Chain 360
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=S3o9Mnw1MTd2M0FQbWVyaHJyNzBad0hrM28zaEZ5VWRSTVdQTWE2UGp4NEtVTmVUUVV0aDFPYlFCM050OGdtQ3VLN3VBWjJHcjBwQi92YkdzbHlTOUw0UWJkeUhtK25BanBSRllORXlDR0orUzhjUmZZWnZUd2piVDJMdTVRMVpMUmNmUzdZdmlkQlJoV2ltdHdyUE1yM296V3k2cVhkNzRGb1k1QmFrRUY0VG9hWTBQWnQ1S1ZGVUF5YXYzRTkzbkEvbm1Wd3c3YXhuZHhMbVJ1d2NjYUN5bnRFYk54MStuUG5GdFptSElzV3FPUmRWWkxBQUFJY0VMa3MrNkxmVXFDL2hxNkJ1MUtNc1dSNzE3ejNQT2haRktyWGw2Q1RaY1NUNzJjYlBsQ0VkQUpSWT18&cppv=2
Request Chain 362
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Wrb1KXxQYlV2MlhCYU9RMS9HOEM4WG1hSWxQWkxJL3BnRGFDcTRHQVBhYnkzN1Fud0VOWDV4QWRERUplb3BBd2p2ZjdzOTh0blozUUE4dHNyK2JJOFVDUGtrMkJIQk1nVzJ1OFRHUEpMUytGRit3QWhDVnRVdWRUc1NadXUvUXJDZm5KSXNTenozZGt3QWhwd3AvMVRQSUUvSHJjajNGK0VhNVZMS1ZtaTR2bjR0YTliRGsyTkFyVFc0U29kQnM3czVHOWY5UkYyZTk2bUZiRDJHSi8yenkwYzlaeThRNGNCU3lPMU1nbjl0eG1ETmJpL2lucGJUQ1FndXpGdGlUdm5MSDE1MXJhKy9Ua05FbzJSOEcwVjNkVEMzcUNxNzZnQWpoNkU5N3E4Ti9CUnIzaz18&cppv=2
Request Chain 363
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=wFwZ23xrRitYZW0zclJ0ajVzOGpvVWpVR1k0TjRBNndvRHRMbHhIeE5DS1A5RFZTd05IT3hxcStQM3RZWk9DaEVrSTVhUFkzbW0zeFI5WEZLWkZGK292UzlzK1pRTENITGtNVFFZRFpHWXpTZWVWMnBrTkpFUGxKcDhWaE8rMWxDUVB2OWJPVE5zQW1iSmhwY2g4cXVWdERjTUphcmtvMGszU3ZtbFZQSXBNZFpya1IyVWxmYkpoTy9ScVdoRkxuZ1hEMi92U2xGSlVBYmU1NmJVMUQyWG5pRWgvVGtoTGplVklJeWZvWVJSSk5WQXJXWFgzUzBPWUN1eUlaamxpZEF0eDB4ZVgxdk9LV2I5UExlYlZyclBlSWtmOENXSXd0U01uK3d5bG9ER25McENwaz18&cppv=2
Request Chain 366
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=EJ9V4Xx6MFFabS9KSU1aNDdoNkNtUWt2aW9xZys4VCs1NElOcEQ3T3BqTWo0N0F1TDB4ejFYV1lpV0ZWLzMwSTlLSGt2RWhaWFZ4RHFSdUo2U3AyTzRiRkVnc3kycG4rd3RYZGNndFZ0OG02VU1GM2J5a1RJWEE4L1F1bE1CVHNoa3ArN1pXdGZ0czRlWnVpK1VoQ3o5WkpkaFVBbW8rZlVoWUhzOWg2SkVETDM3djVhREJvTzluQ0RpL3Q3Rk9DTWoxTXl3OWxFUjJoa1NqaFNiOWZiVWROcVdxbWNvRVFaTnhWbWZNRlc0a1VTQzMvNmtsLzZtWEI4dVNSbE91NXN3Mm5BcVlLRWowTXgyY09kait5QjNYTUxkUUY0Z3NxNmsydmZ1MDd0NWEvdmdMUT18&cppv=2
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Request Chain 404
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 405
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 419
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=_QY_g196aHVBOWtzdlJnNHJudTdlMjNSWmkwQ2VpRWdqTFR5UyUyQlVLZWtuNjg4MzJ2QkxuWnNWNEMlMkZueDVjN2JYaEtpNFB6RW00JTJCa1NZZGpJRyUyRkN4RmNuWkZDZDFjTTVEJTJGcktPWmtKcmZvTDk5VFJMWlZZZFMxWXZVekZ3aWd3UE1WdzJkZGxrTFolMkZxZUJyV1B1Qkh0R1BLSGclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=rmQ4nnxoenlHWjN1UmlzUUduaTF6YmxSZFFjOU1qUnNNQ2E1LzFVODl5c2VGclo4MFdBbjlGd1E4RU5Xa29Od1FOaDVselVoQU5HT0lwQTNjVVZFbUZNc0RUalhZSzhUY0x4MUJ0RkZ6ays0VUZuaUFKV1UxQXNERTZ3TVlRK2VzOG1TT3JwMmY4K2hWbzB5cXIyOGxNQmlVNlo4eElnRmJHTUxJZmhmZG5OcXhnaWJBbllJdGcvSmh0b0JHclgvdTdTRDZjK3AzOE10NE4rQ2VRZm94Wm1QQjJWcVhpbEJuN2pCSlRwQUNYODdKSnp5L0lucXBWdURxdTRmeldsL2hIdjZXZHRZeTV1NTlnTXRqUmF4cUZ0Z2tBNURpcnVNSDdtMGZuTlUzSktTMURJMD18&cppv=2
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Request Chain 453
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 454
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 465
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=0cjh4F96aHVBOWtzdlJnNHJudTdlMjNSWmk3eE1MWUl0ekRMNnZYWVFFZW5STXBVd3RCUnJrV2pXTDVEY3E2cklMSDdzOEpmb1YyYUJib3VGWDVUemU0VG1zWW14cHdUaXFrNVVkY3lTajJsQyUyRjRYWjAwS01RakY2SWJkOVI4bnVxSCUyRjVTS213ancwc0tYVmg0ZHZFdEpzS1F3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=76T2UHxJMnpUb2VDV2NIei84TGNUcmdNc09UUW56bUVFTTA0SFlUeHY0MDlYRDNPbXBRZVRGRzNLSjd4aWk3TW9OcUYydXVsRE9YT3NKaktKZzZVWndpSDFmeERMZ0xkeUtMYmVvby9ZMEd1YndNdjJWRFlLM2lxdnFiZWNqVmZ0RzBWVjc2K1hsei9NdlJvUXhzejQ0UXVOUFMvMFBLbkszaE16YU9SUXcySGRUZlgwSGo3UjNuWjRiRk1valJRQlpXQnVyU252NkVjVE1qWVRjTWQza2VUSEdRUmdYOGFHTXFkLzBBQzZUS2FpQjZsNnJseUtlN2xxQmlaazlCQnlhbTg2LzBBck12L09MMzZkbkJmNkMvR3RwM2NGaWRGd3h2QnJSVnRDNWlQV2trYz18&cppv=2
Request Chain 488
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Request Chain 500
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 501
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Request Chain 513
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bmuB8V96aHVBOWtzdlJnNHJudTdlMjNSWmk1YlRuTFZjMXczZFdjWTlEYWlxM2w1RnNQWVI2Q3dneTFHcEFhNUthOHE1WjlwTllLSHBVbXlSMmpjdGljVG1JWU5vRU53YmRGd2hrUDVCNmQ5ODJIVyUyQnFFNGxlS0xxUVBia3hwQkx3JTJCVHF1N0ElMkI4NmRqWmRONXpqNURnOCUyRmsxUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-sNSFHxxc3ROZFFpYndXc1lVK3diSytCeFlkMGJFYXlNZmx5UElkTUZWeVcxL3FMZFlLbUVscW9ENkNDYXArTW1GM01CNnpXSjdiQk5VS2liZlNKUDdnaTlQeWY3VDQ0UmVGbUJjRFdUVUgzRmJlYnF3NG93YkkvMlhpY1ZTOHpTOVlyNGtmT1NKSzBFL01zSytkYXozTG5BN1lHdDAwcFhkRFIrcHp6aTlrd2kvL3hwengzK0tVeTBuUUtERDdSZUFPc3JjWW5oNDBDaFFyUTd4b0FHOGFLN1JjK1RTN2pqUTRab2xlUU5yVkJsN1AzU1RwY0RldG1peElaRGE2VlRZTkw1bUk3UCt0a09vcEVIejA3aHFlU05yTDN2Q0YzYTdXbDNVREJHRFl5Y2VVYz18&cppv=2

517 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gaOWLp
reurl.cc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a18a24a8c0f3ecb23481ca12a1ec1f727977f33c17a8232d9c392793d87835f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 10:34:30 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cla2.cn/SpY
vary
Accept-Encoding Origin
x-request-id
11492d10-e05b-4c48-9a0d-f9d58ef29ff6
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
4768436
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700068-NRT
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:18:06 GMT
content-encoding
gzip
via
1.1 google
age
11784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
fc23a91e-473d-4f52-8b05-c25da98f9501
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		181 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 19 Dec 2023 04:14:05 GMT
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
22826
x-guploader-uploadid
ABPtcPoiEqd3kxkLAeAwmJOj-ASPZmnLwjb_n6ZN5zZ--vQLrBRISRaK7bUPT1UsQKRhd7_neho
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43095
x-served-by
cache-tyo11954-TYO, cache-nrt-rjtf7700033-NRT
last-modified
Wed, 13 Dec 2023 09:45:54 GMT
server
UploadServer
x-timer
S1702982071.575124,VS0,VE0
etag
"e72b07c558bc8728eefd5f440f0b9622"
vary
Accept-Encoding
x-goog-generation
1702460754270910
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=8F8jdg==, md5=5ysHxVi8hyju/V9EDwuWIg==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
43095
accept-ranges
bytes
x-cache-hits
294, 4
pixel.js
storage.reurl.cc/javascripts/ 		429 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 04:14:12 GMT
content-encoding
gzip
via
1.1 google
age
22818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-request-id
6d44c8ca-49e8-425f-9180-590e84c3f1bb
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ga2.js
storage.reurl.cc/javascripts/ 		536 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 05:38:32 GMT
content-encoding
gzip
via
1.1 google
age
17758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-request-id
84a7fa20-6d86-4935-b8e3-423236d2420b
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc8d16f784f3a9cc1f878f0f2ab851d076616c5c61f1df8f1e7fc50537b3ce6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93884
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Dec 2023 10:34:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
395025577c81834c44a41a14e1b46d88ad8b5c8f9cbaccb60f1bb5e30b367d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29466
x-xss-protection
0
server
cafe
etag
511 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:30 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
4775463
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700068-NRT
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/ 		412 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:36:37 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
14273
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-request-id
ee0c58b4-89fa-48fd-b1c4-d74895c91f16
loading.js
storage.reurl.cc/javascripts/ 		134 B
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 02:58:56 GMT
content-encoding
gzip
via
1.1 google
age
27334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
7b730473-1ec9-475b-82f4-a5fcc8512d83
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
page.php
www.facebook.com/plugins/ Frame DD15 		96 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
729c4aac8b369958b04f2ce0d6b207c7811253bcb87ccc3f1599fa4e6d2c414d
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:30 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Fg0rwEY5p6bMNInfv0/UIX3NdqqedovupPEW6qO/T0gw8FQPDVy9TPVWAZ4lejztuI4c4wnFTWJFWL2UIk/1GQ==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
7d547d0218f5d9b1afd55fa28abca9d9d4a93b2c7910ac83a86874819c1268b8

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1acf-CuCQQuWXR82H+dAtagAThGe/TnQ"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6863
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Dec 2023 10:34:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
KQXtrtzLko6n3dbukw80qvC9Ej/Pz/IPmO/v1XfnSga/WAwnC6MAIYmr2uaKizrNJoiJw36Tx9Wk3F+p8nr9dQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:51:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6171
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 19 Dec 2023 10:51:39 GMT
1675200226052423
connect.facebook.net/signals/config/ 		126 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2483c45bb3827712e15ed54ad8fbbd8e9380a505ee2d1183e29bab4f4b9ad5ad
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Dec 2023 10:34:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33998
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
HaeB/iJhXClQgvOfBu5kn2NNztcRlH2rrUXiMaZVee0SLpE+u44N9L0SyWJBW8c0KBgxhYTVe0AnjbpcTnAyLw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702982070705&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702982070703.1435004657&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702982070687&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 19 Dec 2023 10:34:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1597230521&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=900050265&gjid=131480282&cid=1091650299.1702982071&tid=UA-102456694-1&_gid=1116671492.1702982071&_r=1&_slc=1&z=815561838
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1597230521&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNjg&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1091650299.1702982071&tid=UA-102456694-1&_gid=1116671492.1702982071&z=1410894266
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 20:00:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52431
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1091650299.1702982071&jid=900050265&gjid=131480282&_gid=1116671492.1702982071&_u=IEBAAEAAAAAAACAAI~&z=1855888313
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702982070630&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1091650299.1702982071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702982070&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=481
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1091650299.1702982071&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1091650299.1702982071&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=1282247035
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hixai_01.png
asset.re-news.tw/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.re-news.tw/images/hixai_01.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:42:27 GMT
via
1.1 google
age
3123
x-guploader-uploadid
ABPtcPp-JFLTjd-SydpmGRC-ypH17V5C0T5BurFbC1Wxl75sNLMjW4_pAlisJRaE6KelvL892Y5dwT3WVBRfPTafKsYZvQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50782
last-modified
Wed, 13 Dec 2023 00:18:11 GMT
server
UploadServer
etag
"4bc4e9cf9ad6014d41500be13cd9346a"
x-goog-generation
1702426691735325
x-goog-hash
crc32c=YULtsQ==, md5=S8Tpz5rWAU1BUAvhPNk0ag==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
50782
accept-ranges
bytes
2023121904390326.jpg
img.racingcharger.tw/wp-content/uploads/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023121904390326.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
8a8334a1ca1e49b8959cb62bc45c40428bcba71c7f9b78c489c433439225812f

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
last-modified
Tue, 19 Dec 2023 04:39:07 GMT
server
Apache
accept-ranges
bytes
content-length
129453
content-type
image/jpeg
HKBN_Logo.jpg
mma.prnasia.com/media2/1096385/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1096385/HKBN_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:efc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
edbe0688b0ad4c9407dd263d728e10e8254ffeed2350193e5c7d8d8cfad3a83e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
cf-cache-status
HIT
age
38800
x-powered-by
ASP.NET
server-timing
intid;desc=31ceafc96013a51b
content-length
42422
cf-bgj
h2pri
last-modified
Mon, 18 Dec 2023 23:47:49 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
837efe56a8f6af2b-NRT
access-control-allow-headers
Content-Type
expires
Mon, 18 Dec 2023 23:47:50 GMT
1702877652-812749e1a307f38fd0a88b54bea55ff2-840x525.png
img.gbyhn.com.tw/2023/12/ 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/12/1702877652-812749e1a307f38fd0a88b54bea55ff2-840x525.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:961f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0889dd0aaaf525d73cb30d2da22b5c14854544f79c8a947a8362d765ef7bc9a2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103102
alt-svc
h3=":443"; ma=86400
content-length
642933
last-modified
Mon, 18 Dec 2023 05:34:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yg56OeoJusiTCJSNPLAn2kL%2FMVplYGCr6wv69TqtEpFCdDtDkFHaE7%2FCxqJvHkSBL6dYO9ZgOKocAbmeV3GrQLUOnVfUbtqpIFP6TONUZLrtefGwAGsT37l80g34krbRw890Eq0JffG%2FREjeVlfv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
837efe56a883206b-NRT
expires
Mon, 25 Dec 2023 05:37:45 GMT
%E4%B8%AD%E4%BF%A1-foodpanda-%E8%81%AF%E5%90%8D%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/12/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/12/%E4%B8%AD%E4%BF%A1-foodpanda-%E8%81%AF%E5%90%8D%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
600c612f4248fc7e273b43e22c1d0bec2cc7ac798548e3e4c569f463f2dc919e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
3.nrt _atomic_bur BYPASS
content-length
43654
x-nc
HIT bur 5
last-modified
Sun, 17 Dec 2023 16:44:01 GMT
server
nginx
etag
"8650b40f3e4675cd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Wed, 17 Dec 2025 04:44:01 GMT
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 		612 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.244.153.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 19 Dec 2023 10:34:30 GMT
expires
Wed, 18 Dec 2024 03:17:53 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:6000:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-bz6ff
date
Fri, 13 Oct 2023 11:18:20 GMT
via
1.1 google, 1.1 b8b9905665aa98ca376eb826e7992a88.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT57-C2
age
5786170
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0nDlUe9jIsdEPtnFyCYE2Mf-SeCmoCviorlgJinaJIbUNC8mt1qauw==
content-length
253615
wix-tracer
2WhrxaKwv8p2lJNwgKmnBT7r70v
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Tue, 26 Dec 2023 10:34:30 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82519
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:31 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
485633
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
837efe572f1ff6d9-NRT
expires
Fri, 22 Dec 2023 10:34:30 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:29:45 GMT
content-encoding
gzip
age
1260285
x-guploader-uploadid
ABPtcPov-txRzSmQTRO-Tz408XDiITKVvPNRo9Mu4E3aZKZgOTVSS2nrvbBIooMmUkM8ZWHdCPvkPanRjsnrlPSgAeT94w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 03 Dec 2024 20:29:45 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
ebd15545e995e662fb1a27055f1e8829
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-71.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:15:15 GMT
content-encoding
gzip
via
1.1 3acce3e475cf6cd554c9038748d87914.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
44357
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ffLFndJzRJCf-R5fw9PiWOu-e1uy6LuLrG2vaZkzV8s8FT5k9vkt-w==
ads
securepubads.g.doubleclick.net/gampad/ 		108 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3988352298556606&correlator=921062636552423&eid=31079927%2C31079956%2C31079958%2C31080121%2C95320408%2C31065645%2C31068898%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702982070878&lmt=1702982070&adxs=245%2C1005%2C245%2C625&adys=455%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1091650299.1702982071&ga_sid=1702982071&ga_hid=1597230521&ga_fc=true&dlt=1702982070554&idt=295&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76728ccbb8a6289c9db4c2e0e9a088f5e99e6906aa220dba0a4f7e37e04ae28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26378
x-xss-protection
0
google-lineitem-id
-2,6298588766,-1,6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138432380934,-1,138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3988352298556606&correlator=921062636552423&eid=31079927%2C31079956%2C31079958%2C31080121%2C95320408%2C31065645%2C31068898%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702982070886&lmt=1702982070&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1091650299.1702982071&ga_sid=1702982071&ga_hid=1597230521&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3OSQjcgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjc5JCNyDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y2-SQjcgxSABSAghkEhcKCHJ0YmhvdXNlGNzkkI3IMUgAUgIIZBIUCgVvcGVueBjc5JCNyDFIAFICCGQ.&dlt=1702982070554&idt=295&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17dba7b542bd3d2e89991d4832fe137ac66848b9ac72da723048bdd465d9629d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12513
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:31 GMT
expires
Wed, 18 Dec 2024 10:34:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame DD15 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QZ/F21WCMvVioyUwMJMxZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5281
reporting-endpoints
x-fb-debug
UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:50:30 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame DD15 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEms5HNO4RW/YAm2lY0J/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6478
reporting-endpoints
x-fb-debug
2FKOcdFgDuplfAzBKrSPAMlkPEdd5SjrCXl6DpmH/JlmoF8nPNHoIyzH9u1yNr56lus6tEeqaFWPDLtlmhm36Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 23:18:02 GMT
L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame DD15 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YxGy9ULmNYpse9KBe8qMZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4833
reporting-endpoints
x-fb-debug
oP30b8Fex/12Yh8uGy4DlJzZZCBmscKw2agTXqTFQeBZl6g8f16M367GbA5+TnYOK6DAhLLIWDWnX29dhCjLGA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:30:54 GMT
M-4NM50a-iS.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame DD15 		355 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
815feb5a3c616eecf145c2d70b428bd7f93854b19bd745bf8d0e91e1f24fd26b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iwdBQhZ4wq3YVbHj5W6VNA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93963
reporting-endpoints
x-fb-debug
IhJrQ2dLRCZoP/78d2M/pBbGfoiWmJyPhq76mEAYwPu3Cn+YskN/USJYiQQ2WVZZPCNOOYN2og3k+1eAwQBcRg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 17 Dec 2024 23:09:59 GMT
7r7tZCAH9GJ.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame DD15 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/7r7tZCAH9GJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2a214081e1f3ea56cc068ad53949224dc0bf812231321efbad123cd56e60a2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Nuy0ctrIX0iDEcbl2G69vQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26954
reporting-endpoints
x-fb-debug
DXgRxfQTtMvlGARJgOrQkQXbCasC3GAygCLKuYXrIZ91AS39xgoYNcba8NhMv+p9UC8K8huM2aJA7gYD1bGVpA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 03:14:32 GMT
iipoaaPMQWA.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame DD15 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/iipoaaPMQWA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f8de7cee98aac8df37124af2410ddfc2666f8a7726c23fc9133e5dbc39e9110
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1YRElIl3L+XHpe+ivxTrHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3432
reporting-endpoints
x-fb-debug
rOLQh85XfAn+m4PtSmA2YPs2obpw8Lkyu9ErfixorZFKfza5E4ZZw82hqsm4pdcMS4jXP9V678MkWxJinfzdng==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:00:37 GMT
ZuO3Risk2lA.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame DD15 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ZuO3Risk2lA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3MfG3bosQwuBrrCMGI/XpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16972
reporting-endpoints
x-fb-debug
eVHjWRtE/0D/IHGPYxJAw8hIFE+OzKTZIhsjZOpQfGe89tTM21ib7JFbETs93QjPcL45nusYt4UKC3AmscC0wg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 17 Dec 2024 15:06:35 GMT
wiFz-8NyN9X.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame DD15 		275 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/wiFz-8NyN9X.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d48f9eb676fc877f0b9d753cfecfe75dc641a27fdd71d8ed86e6e0091d9ae5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
content-md5
SbkcCkLT7MeSBy9YJGHvtQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
275
reporting-endpoints
x-fb-debug
Pr5BcP1FV8hz2vYqPNaL5Po4yr+0CZud+vI7w1Bs9X3aPNDrABK4mNjFFSGSc1ipqBbRyV40bMi6y5vDPsS/EA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 17 Dec 2024 15:17:02 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame DD15 		507 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:53:20 GMT
JMOqY9JKrro.js
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/ Frame DD15 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/JMOqY9JKrro.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mjvZ5joGpic7fey1cr75Fw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7933
reporting-endpoints
x-fb-debug
smONVhMBQ2e+9UJ+F1oLiixKkEErYy4PJKPY1xiq65pRmP0LREEhfVL/ogs346PJtH0z5DHqGhk1lvRmiA9ohA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 17:26:23 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame DD15 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
phAMyoOpvbhoet00DvMWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20298
reporting-endpoints
x-fb-debug
zQnl1qRETtKYNccCJliwClHhcTyw13j4rWamYLsyrIgq/C70aeorXkCrv32/jWzKZSjZz9bhTc825ekBnojeWA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:24:16 GMT
O4pjji3O2Hz.js
static.xx.fbcdn.net/rsrc.php/v3iUOk4/yL/l/ja_JP/ Frame DD15 		348 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/yL/l/ja_JP/O4pjji3O2Hz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c080f221f569b8a4b7208f300af13ae9fd982454b06a9e4e2e66c79b81a53cdf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mimP34/guAYZEI+K5MVdWw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83427
reporting-endpoints
x-fb-debug
nP3ZePEeJZQm9BU3aK7gwos27JVQoMe2BDTRB/cW1R6YuLJxo5irxHlFdDDy2upbPxqU79ynAUhIW0kwvdaHlw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 17:26:23 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame DD15 		397 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95634
reporting-endpoints
x-fb-debug
oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:24:12 GMT
8DaIz0hDZK1.js
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yd/l/ja_JP/ Frame DD15 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yd/l/ja_JP/8DaIz0hDZK1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
372e3a6ccf4db838ce71fc2958e7243c2fc00f939e6727d32810581cf5fee54a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Pq1O5lvZ8STAHgT1H08+gQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12501
reporting-endpoints
x-fb-debug
jhgRqBINVjOBncnjxpfNCpiq9/A/KyK4IEvwHSBkcfHOV7hK45bAYokZL9hE7fALs0h4C2W6TFkmP4kI0DEO5A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:00:48 GMT
uJcry4Jjx7c.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame DD15 		208 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/uJcry4Jjx7c.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6NU2u2NaljUSgCnnqgTgQw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60780
reporting-endpoints
x-fb-debug
yx/RGJfFyr/spJmmvOSojymbwcIeoWou0EM0BVWsUxjN26rDiGkFEWvmbiP+tLFkY4Z7fV11EKfi1VsGdkMTzQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 17:26:23 GMT
AtSyd-CXLO4.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame DD15 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/AtSyd-CXLO4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2736987e98de6fc58654107cbf827e6dee07c75ca0814b7638ce694b30ec26d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PQ5ohEVAHKXliVjJOEp6Og==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7381
reporting-endpoints
x-fb-debug
sasdSTjohNyjBPHl4glf1tAkInpMzOTtVxLGQOSTJSssD+49X+pfvEph4sGvZZ0RcukZaFrzBwzOZqL7NApOBA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 03:15:57 GMT
-U6CwrkFkLw.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame DD15 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/-U6CwrkFkLw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5wlfDrXyDMlD8JmH+DbWqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6829
reporting-endpoints
x-fb-debug
EblvZk3cztYR1/3ntU3D4kgcsVWfrtACJqxKkLhDrFx3LfPf/YnW38yAXf6Ep+EJRVmV37FVpci0VoUGo92h+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:39:22 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame DD15 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
54fBKt62Ctn048ZKUyyflJgztsK2anPICvM+zZCLmUzlIOsizGfB75D5lrGhxKGGOx1JKcfjdWbw1c6aHmLN4A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 17 Dec 2024 22:48:22 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame DD15 		0
0
305964663_450890893727816_1742559653774706626_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame DD15 		0
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1091650299.1702982071&jid=900050265&_u=IEBAAEAAAAAAACAAI~&z=352406520
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1091650299.1702982071&jid=900050265&_u=IEBAAEAAAAAAACAAI~&z=352406520
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c35eb5becf75b291e51475f8bcf8a6decfa624186269fe3e367bb52dc9501c3d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-3wSoMlfgtJqimz2eUwUhX/kzWGA"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame DD15 		573 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 21:03:22 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame DD15 		0
0
/
www.facebook.com/platform/plugin/page/logging/ Frame DD15 		955 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6488a34da520b9672703e366a04e1bd3dacd0abd45906806234e60c7f238e1ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
_EfheIsp3UyzrFLEuPIcV2
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 10:34:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
4/RYnzG774tHg//2VNuVhUtJu4EtWIeEE1RTHK42DeHYvlg4TYWY5GbZa/KCXSRQReiA3X53Pm3PfgnBgFo3dA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame DD15 		955 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22adb749e11c231f70329869335b75115bae99043c5b169d243029763bae954f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
_EfheIsp3UyzrFLEuPIcV2
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 10:34:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
2UkhJleP4IlKOEMAYJwCODySE4XqSZgydHokZMQrrmTvDt3sDi9tT86TK0aZkTIeT8A7Hv6Pmh8C7bc0BfFH7A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame DD15 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
9K4FVCzo+HBwGo/nn3SMybjMfx6IrRqxvjei+QzmZ4nC4zuFaBocqjCD3RyBAkw11cyzeYp/iIJ8zuTN2YIBRg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Dec 2024 20:21:50 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame DD15 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
XkOus0AgWRGI37rkLDldzMzF8qYSNxRnju++q7+S0Sw3MSXgpV5wFZsAIEk+GO5yc4B/yf2zOF7ZlhkvTepm4g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 15 Dec 2024 17:51:05 GMT
kCwDvxe1QsQ.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame DD15 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/kCwDvxe1QsQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PPs50PtkMAX5E1OU2ogzA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3451
reporting-endpoints
x-fb-debug
B8Ddr5aOHNMp6uIVxxeTGjphbL3u/cPRcGeEgjaS+pwNvRGoHMQ33FM8HbO6zLCak6PFI8OgQ/kG7EWr33a2ZA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 00:01:17 GMT
NWdoT9okmQL.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame DD15 		339 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/NWdoT9okmQL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66612ef55fe31efc360ff2955105c099cc366108e0d69246f98913273638d5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NlfuiXop2e7pBV4Kvjq/Zw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74668
reporting-endpoints
x-fb-debug
XxzfOGAw2Cuy+caY+FOp8hohuq5yRuRJlqc9BV5mJ5X7nwSTC8g+RQRW6Db/s3uP0+XlJlSTGRRRgea/Rs49Yw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 14 Dec 2024 17:18:38 GMT
1ZVloxTqxcM.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame DD15 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/1ZVloxTqxcM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
353b802475ea4a2e76926cdf15dfc6363c09126b127e253ca8806120ff5fe85b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
I2EBJnaNMV2qKkly8o1zSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
922
reporting-endpoints
x-fb-debug
Sg5ijmRHcYVAUBUPSrSBkz+l3vmVVbRzvw/Mk8xAwsKLu0vabTHPjEhM4c+7rYR+Bw8lDrwnckT7II0HQWO6fA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 17:26:23 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame DD15 		213 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
inD/MVYkH0LUOPxT96Yr2qjdhGA5eIn3S5oGGHpz943Iv5Fmg13wAkXZ60QVnxte3VB9ho08VAIVOFo4a1Cg9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Tue, 17 Dec 2024 18:39:45 GMT
/
www.facebook.com/login/ Frame DD15 		0
0
/
www.facebook.com/login/ Frame DD15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Dec 2023 10:34:31 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
O7/lYbpQhPZwn0HZugGqWE+1DwBu+YiQdnlIzkEKvUtp6ESBGQLCRCQdXJs+pq0azzGYd00o59sHhKmxlrxkQA==
x-frame-options
DENY
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		156 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.215.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-215-70.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
607c4bc926857521356a4e0c02cd2527a471f77f29776cd43dd788eefd543f12

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.22.102
access-control-allow-credentials
true
content-length
156
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 9CBD 		615 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
81d6e6dd2fe3eecda65c0df4e6ac3e97bc2fc84d06059d844f4d4365e7ef51aa

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
379
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 28C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7QhRyP2j2jEuEEg0hV6eI1UvhzxQv8xa8Nc9xaxuUXRvyVxUSL9kOIas_lw2cOSogG-2e9HwVh0xnrBZk8qspaPiLyJOzWIx_3TxxoKbP_ygQ2N_SjefgeBtKrtNXGAwV4jEb2HUms_luEpSh04LBYGymiKTWLzFm50qJqYh2oUcRQzdbtXtyWz4HqJ_VfYuqvoMFQLRVOfdCxPz3_i5engXOoCxDi3O5n9ROgU-W-OhsPzKoruULsoo-hRIlHGND1C_V8PFC1s3yVKZ3OFOlkbAXwDHPcRVx_OqIFjHrlNpcSfIHcwfmBlRFPmye-SyBk4Jm_608FisZaSiGJ5z94B9B6pYSFvkaF0r4FwYCvEZWmE1h42g1A9ut_6bF2TjdkbJ2AtKfmKM&sai=AMfl-YSOItZnywW4Q9Tb0ZQNAP-a9mDn_HQJw95yCrlBSc6Ny8l4YhJE2iSVjvBV1jW4WupA-JrrEksvgU6v5YUlnj9sCg8fmYo4_-U5UgZEFe9Mw5-Qj_URjkdjKLLRdmAg6zErl42KJpb220rV7GEIZ3aK&sig=Cg0ArKJSzMrtSakyQR27EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:31 GMT
init.js
cdn.holmesmind.com/js/ Frame 28C7 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:33:34 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
58
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
3FT0s2foyc2JZSBurdpwfC59h4gjD7q54n5GrhPJRn6srK7byjf7Vw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 28C7 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:31 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 01D3 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 12:56:58 GMT
age
337053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 12:56:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 01D3 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Dec 2023 10:22:44 GMT
age
259907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 15 Dec 2024 10:22:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 01D3 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Dec 2023 19:20:30 GMT
age
227641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 15 Dec 2024 19:20:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 01D3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Dec 2023 07:51:07 GMT
age
269004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 15 Dec 2024 07:51:07 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 01D3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Dec 2023 18:54:00 GMT
age
229231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 15 Dec 2024 18:54:00 GMT
truncated
/ Frame 01D3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4afce95eaa02131c84b3112aaeba9504f2de089ecad284c9eee888da049578d

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CB76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyCW7OTQHK5nwblIw-irW3kwiHHvJ1F4aOZgIDIrT5h7EQ0Y5Aw36fPh4fiWiWm8LKaWHcEr7fsLpGGs9GMNwXd31xncyR5uFdHLrM_GL63XTFo7nI7ZyeC4N4sN7jZp6U5Ht9x7EE-ThOV881U6xmKBunxVMhKEpQSPT62heeT1-aSw8RnK3sCsUNR9ESCOMSgl5lnUTu0bZL_xXRlkpsph9MpI3w3QY1PHYbgM6uWaaJXt9is_DdaTXcIzRL2dqvC3ZkTsn9qe6nVC1zOtHrV_rQvejAUb-w8GeDBOOA1ft3AArHumYLev8JRNn-7jQ5gO39tqIE0bJ-p6giXURaY_tgRs837R6v8dD8YaJYP6Gzlf1hSzCoCDg11UVi--zqdpLyP42jalA&sai=AMfl-YQJ2MopOUpQrsMwkTlF0sp2WXEFWe-l6_dF0Hxn0n4n9N6wZjykOb8t4tiZGXOHHy-nxWfQyP4AFkf6zrRcY_ssBcW8O2jeFA9ZAbeWbvvhMlUkVckSufDg2uwpdicHKZNBEoL7P_-_IVuDUlsZjkBQ&sig=Cg0ArKJSzCDrgqhl6ob1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:31 GMT
init.js
cdn.holmesmind.com/js/ Frame CB76 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
58
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
xKVHKNYeVwNuEBJTBSNKw5sNMnLTcQacO61zICNiYlg0Sj0DlBI8Cw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CB76 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:31 GMT
13828500500685209822
tpc.googlesyndication.com/daca_images/simgad/ Frame 01D3 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13828500500685209822
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
687ecc6bf7e06bf2d92681b39bdba2e37cb7a98a021f8d42407f6b90065384d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 21:00:05 GMT
date
Sat, 16 Dec 2023 21:00:05 GMT
x-content-type-options
nosniff
age
221666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41050
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 15:33:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 01D3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 16:28:30 GMT
x-content-type-options
nosniff
server
cafe
age
65161
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 19 Dec 2023 16:28:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 01D3 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
53494
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 19 Dec 2023 19:42:57 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702982070630&gcd=11l1l1l1l1&dma=0&cid=1091650299.1702982071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702982070&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=3&tfd=1038
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9CBD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8aafa3ec-3357-465f-8b93-db076ee3ab0b&ttd_puid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8aafa3ec-3357-465f-8b93-db076ee3ab0b&ttd_puid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8aafa3ec-3357-465f-8b93-db076ee3ab0b&ttd_puid=695d3e26-a22d-73b9-d1c1-78ef7035f5bb&gdpr=0&gdpr_consent=
date
Tue, 19 Dec 2023 10:34:31 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 9CBD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYFxt8Co8X0AABX4KdYAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYFxt8Co8X0AABX4KdYAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 19 Dec 2023 10:34:31 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.168","key":"ZYFxt8Co8X0AABX4KdYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40107"}
X-SO-Key
ZYFxt8Co8X0AABX4KdYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40107
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYFxt8Co8X0AABX4KdYAAAAA
Cache-Control
private
X-SO-HostName
a-ad40107.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
4
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
31.204.145.168
sd
jp-u.openx.net/w/1.0/ Frame 9CBD
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUGhGD1YvpeFks8AED41udsLSc8AAAGMgaQ0bw
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUGhGD1YvpeFks8AED41udsLSc8AAAGMgaQ0bw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 ec7e029564542f4eb6196ab046d31626.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUGhGD1YvpeFks8AED41udsLSc8AAAGMgaQ0bw
cache-control
no-cache
content-length
0
x-amz-cf-id
wtr2xckb88jUTm2pK03RU1afPp5uE7sRwRb5fJM56fwOlUa5wfsx0w==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9CBD 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUzMmVkZWMtNmI1YS0yZDFkLWM0MjEtMjI1NmJhZDczYmRi
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9CBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdtUh-64Is-6YR0l4B-83o&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdtUh-64Is-6YR0l4B-83o&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdtUh-64Is-6YR0l4B-83o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 850C 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
34
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
k2J5lS4NMpk8dIjc5Q5TlaP5Ge3HmBkkbzZJz9fT993jO7NwLOfuuA==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 303C 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:33:48 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
Qic6C3qWta33gifQ6tirFOeOMJVwfjjimQcspfXUyk4hHWUjsQGN2A==
capmapping.htm
cdn.holmesmind.com/js/ Frame 7EEF 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
34
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
p96fifqDctl_Mi68susA0wIiZuN6aJWrTPX4USo74TUlUEedRfR2FQ==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame E3DA 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
tckeYTDkA6tI9MWLqF-73q9VYG5xxJh2uMwmkjj2m-wfl4WterV-Zg==
/
cm.lndata.com/ Frame 850C 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:31 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame A69C 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 10:34:31 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 426C 		39 B
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 10:34:34 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 850C 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.194.85.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-85-18.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 10:34:31 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 850C 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:31 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 850C 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 850C
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame 850C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-guploader-uploadid
ABPtcPpnoYSO6gZKYuFhD9wb6LzRBAkgZsFn6CHRhaOlwG-HaZ_gbcggBtCMwRaQyRhKsPcFuP6JfUFAfuFdafRpK9ndm94uH0Jq
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 303C 		824 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c095fd0595e1cd5f3b78dcc04a60403cf94ac140a6a9fe6193c943c086d04fc7

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 303C 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:02 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
6VWhlgZ0WCfK41nTIgJdrfB2XQfbTtv2wIrEOt-_3n5cEMklMqj7Jg==
/
cm.lndata.com/ Frame 7EEF 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:31 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 7EEF 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 7EEF
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fp
cm-dev-poc.holmesmind.com/ Frame 31FA 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 10:34:31 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame BEEE 		39 B
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 10:34:34 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 7EEF 		409 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.194.85.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-85-18.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 10:34:31 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
google
m.holmesmind.com/ml/ Frame 7EEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-guploader-uploadid
ABPtcPoOremDW-813SL354Eckm-RMIBPf8TC3a-KApSnK6sVz7TWczkZeaH7tltpv6G5DFBge7Pol4zLrXWMKIVsXy1B5987VnRz
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESECYbj78IoFege7UfuRm7IR0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bz
www.facebook.com/ajax/ Frame DD15 		0
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 01D3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Preset.js
ad.holmesmind.com/adserver/ Frame E3DA 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame E3DA 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
A6qJY-JrfOEtzQkVdgr-lyVBVCoFNoZlIfFXCYXT2Wa2T0dumXMGgA==
13828500500685209822
tpc.googlesyndication.com/daca_images/simgad/ Frame 01D3 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13828500500685209822
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
687ecc6bf7e06bf2d92681b39bdba2e37cb7a98a021f8d42407f6b90065384d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 21:00:05 GMT
date
Sat, 16 Dec 2023 21:00:05 GMT
x-content-type-options
nosniff
age
221666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41050
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 15:33:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 01D3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 16:28:30 GMT
x-content-type-options
nosniff
server
cafe
age
65161
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 19 Dec 2023 16:28:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 01D3 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
53494
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 19 Dec 2023 19:42:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4BD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvprB0PTV2YXyqUJW_OWi2qfD-hlG-p1_jGgLWTlAQyH9W4kJJNeQLEeBG0WzG978evcKaopGcW6Xv8hRa5MKokXQbzCiFEsnYG1VrKbFGlA2YwftHGi5PfJQndDdzMDRDt-f06pcuxwL_rpHmq4ju6Ub7Ym0ZmO_VvpwSrZzRkxIJfYQfJXtlg-VHXpUx6CEHV7YfwDb3ToOEnJDgGfitDe3KCVNvi_AL6I2DwZAdUqOoJG3Os1ZkuIehqKUtYQ1-C4yDCI2upR4qW53yNxVBZBD2YRzdlnWae-FG7WUEPGupg0pcGP6q8XoCuyJgpzXs9gDMXh3jioYWA8FjR37h1rbNWTWqN4nbkXxrWhwrP7ewY-NKGT94LsyyN1HUUuhSr-hbscw&sai=AMfl-YRP9ug7SB-fTwRpQZJPodH7VSYGKVtDIxcCNEvk2qsYRpbZqoXt18no2NOJSLs-V9H_P4HO1jxd9EaWyAy4FwxLX6YXw5ebNKjsGuB-Bca01tb3oceaU67OvM8BIVOMxFe-DTTprSE_-FbZ9ZzhiRUo&sig=Cg0ArKJSzJVd7ctG8KTfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7942.js
cnt.trvdp.com/js/1250/ Frame 4BD9 		535 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-51.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 04:28:17 GMT
via
1.1 0351cfe7ed552069eb05c4ac51dbf9cc.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P2
age
6069975
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
bE3VrQXyRiNYfFWX444hSKsT0woSCjg9Aj36391y9MfsVR67IEjP-g==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4BD9 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:31 GMT
truncated
/ Frame 28C7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
285345486b3f5c8634d0aa3b7fc156c877ae4235cd1d395b1fabc0d0822b5317

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame 8930 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:31 GMT
server
Kestrel
server-processing-duration-in-ticks
347993
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
adview
securepubads.g.doubleclick.net/pagead/ Frame 01D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbe-CtnGBZcvoOZOlid4P9YyHqA6Jy4nVdI-I6bycEoud1MX0QRABINLMgRpgifPFhPQToAG_3v_DA8gBAqkCcZsdTe4TPj7gAgCoAwHIAwiqBLcCT9AjyBxAuPMhI6ThJ-s6RSyjjiDZAl4VqKGJgyNDMzTcLZEm3Q6D-i9-7iydcHojZ3HKCdYmZiQ64Dsb1_dIXM20myFcY8d_YDoGhL64JVcbBkED6vp42nnEEYpK78BW_zA_S9MciNIU8p7GWKMv7J0nSfpqDJ4zCoQCrZwsjfe_uO3s52L2xpnmCTIOX0jgmkWqmewTKq7NAC6jGazszVnlOLioi_1B2MiqdQkoU3uposUHJpW5rOhuN03CuzF3R93WDVst49LszbACjCJJAuys42tmNKNKhWP1TP2wMAfC62cbhCoUeqJKzK686wLMOriPrMr46p99OwT_JNRUf9vO1oxd8oX2s26QDBNBICAODx_Jdb1ZgsP3ZCWpcSshSQceKDSmKYNG1noo1_BJIgwoQwcSzmrABKvfpq_DBOAEAYgFl7fI8keSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHqaGAPKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELWJCNIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYv8qVy6abgwOaCZsBaHR0cHM6Ly9pdC5leHBvLml0LXRyZW5kLmpwLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPTE5Mjk5MTc5NDE1JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249cmVtYXJrZXRpbmdfdjOACgPICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2gwRCgsQ0P3mrbHv3eKeARICAQPiDRMIy4OWy6abgwMVk1LCBR11xgHl2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=8rlAnZ14GgU&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_bKl8jR7LhZjjaPct5tW6HQokm9lp_ajlBkUG7KJouNeqhOsFdiBIMGKyDubaQjnGRhJ6j1UT453T2RJGnqxHbtYJKsY8iSjpSHgYAQ&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ads.js
ad.holmesmind.com/adserver/ Frame 303C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=584&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
40e07b1603102c3c15c99ddeeab5db0148da8d6a85da1ea14f3c97dcd68387b3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/ Frame 303C 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:31 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 303C 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:33:58 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
34
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
ogiCN4fZtMdcP1dBJaZZMK_A0GqfozM12DChuaosIaPjZvduXJNCYw==
ucfunnel.js
cdn.holmesmind.com/js/ Frame 303C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/ucfunnel.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
7FnOHKe__pwg0dVwIyTfAcdImUIZ6pwv
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 03:54:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"8ebabc4e0b1d40fe52514166c7db7048"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2166
x-amz-cf-id
uTikrTtM-PxHfOIemvlaSUaCDkBOtnDRd3BNFv_xmpcWV9NF07e3dQ==
ads.js
ad.holmesmind.com/adserver/ Frame E3DA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=981&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bf08691efcbfd1c6f3d6ae2135300e78817519e37bd4f02bc0251aeb7cbcb3c4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E3DA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:06 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
26
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
Z_Dy7C-Q3HiDytVD66rfktLMgQXkJYhi1bIkGxxDNj8XydMjC59GBQ==
publishertag.js
static.criteo.net/js/ld/ Frame E3DA 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:31 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E3DA 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
34
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
eEnPKd1nbPbu5fmUQuHn9p09a2_TN3V2o91Yxj_e-aQURdWR5T-uww==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E3DA 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:06 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
26
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
QnI3BeDhF3ZpRAiD8ERZDl9YZ57H3PCeL36MvjY02IlTLKmURo7Vqw==
appierV2.js
cdn.holmesmind.com/js/ Frame E3DA 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:16 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
16
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
OGYHlFVNa70MLcst-41QyYVz2sVM5o4OIqomnt_GEJvdw066mLgAqA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E3DA 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
Qsnm1Cg-FSIVQ9-mJazakvagOa4WBS7bhy-wFWn6jvSzeNYYvD5sqA==
truncated
/ Frame CB76 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c0fab9f692280103f0094e39d80478fa6b5d314d039d5ebe2eacbd9068d27c0

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
header
hb.aralego.com/ Frame 303C 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=zh-TW&je=1&dnt=0&adid=ad-E2B6A4DA7838884AF9E83E64D69E36D&u=https%3A%2F%2Freurl.cc%2FgaOWLp&host=reurl.cc&w=300&h=250
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/ucfunnel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.168.56 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:31 GMT
Access-Control-Allow-Credentials
true
Connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E3DA 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame E3DA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.921229662785696
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
ece8465ad5cde29b5ef39e44e8784a7a473d8ceef489e21192185b78783e3a55

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:31 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame E3DA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:31 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E3DA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=3kVeXBdcDNanhgZQt3GBZQ
2 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=3kVeXBdcDNanhgZQt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:31 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=3kVeXBdcDNanhgZQt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame E3DA 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=981&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
v-sKz9yeokAvKPXL7UwxL2agEJ9TEHRCA1AxFg726URI2ilNbVACSg==
drawV2.js
cdn.holmesmind.com/js/ Frame 303C 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=584&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
Ib3J77CpxxKYJbl0Va41xgmDbx73sRdmlTGodfpy0gsezRAouSFy7Q==
/
t.ssp.hinet.net/ Frame 850C 		37 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
28a42b672d5972d093d02e3a99c533147eb02ac6684f10715c4e95782a50f904
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 850C 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=cb19cead-7983-401e-85f6-6f401482e2d0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-12.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 16:21:32 GMT
via
1.1 3acce3e475cf6cd554c9038748d87914.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
20283180
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
rNh2rxJSvPqthddgt76DrmiHUJM7GVkPe9vELTkrOnhUU_GDTj48hw==
truncated
/ Frame 4BD9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
307797f36b7db4d922358a5e50787a2f9d71f7920909f67624bcce71ed710b29

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4BD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxUJ1Ve9yT7CNRaoJTQQ1Tc4W8oI_670GpXGBztx830rz9woqlqKpV5yTV3BgtSN-7UwOomiKpTscdSTzQ3egCYPfhsrGiMnHbOG-Z4pP3F-CTXnXYeK1eb7WydwG2Jdkuja_njGIX3rHYVYDQeOCS437ML0isCg7is6Fd8XXKbjLgEQAw76RqHKjdQF-bxnD-moZGFHYRVybR88UEamQUi4tGkWcz3j3YDqU_J0VSrqfmQoWFUfFiWDDIWi-mbawDhRH-yAWcSGvFaUZUo_kWWHyHEkoeGhtgTolCX875OMFp6RMW9ugfVEglbUf_l8OecTzVS60chIIXdLIU4IPSQ6lFSk68ujfm_AfJ1Gkx9VjkLBnphN0B563ORYXs9Pl-Ns2cfJiJ&sai=AMfl-YTIe2LZwsqYRykZdkgoYU4yM71IAnNVY2g1dZMk1qO-XReDaWmKlAouYocKZL14f-M2Q_HID5w2lxe-HlSlY1ejbmFoTPAvU0aBTfzmLK6kEVzRIESEXrnNNY950YISL8awjgH6sXmgyLZZpTZ0Ra7K&sig=Cg0ArKJSzL349b0N6_EfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:31 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 850C 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Dec 2023 10:34:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Nr2+dmmcXB00s/pR7RaBYZEdit0Vm6RUC+KeZaJoihBHAfzI3cU3gVXlbq/6CkSZtK3ozzPCmFKL4wC0GrhzRw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 7EEF 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Dec 2023 10:34:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Nr2+dmmcXB00s/pR7RaBYZEdit0Vm6RUC+KeZaJoihBHAfzI3cU3gVXlbq/6CkSZtK3ozzPCmFKL4wC0GrhzRw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=700.7526278926646&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-129.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
571cca2711b8b8a2c1d198efb45c2a05b24e3f356983cfb5eca706b4412055a3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
content-encoding
gzip
via
1.1 01d4e8d94c61f8f56aebaa1af365cc6e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
0XzjCy-ZlCFvUZiNTUSQjeRSxRL2MfgwuuAzzm9qjnoEqBO_r1EeCw==
utag.js
t.ssp.hinet.net/ Frame 303C 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:31 GMT
utag.js
t.ssp.hinet.net/ Frame E3DA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:31 GMT
/
t.ssp.hinet.net/ Frame 303C 		36 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d3462e188d87fa7167330a4d5c811d0ff6299e5502875bf1bb0f1d583a1bd05e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame E3DA 		36 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d3462e188d87fa7167330a4d5c811d0ff6299e5502875bf1bb0f1d583a1bd05e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame E3DA 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=16004380232
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
emome2
t.ssp.hinet.net/ Frame 303C 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=cb19cead-7983-401e-85f6-6f401482e2d0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame 8930
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=68ivNXxoTkhqMUttSnFDdU1PbVdZdTNFcitMMzV4M1VNbVdEakdLU0x6S2p2Zk5vUzEzR3RLNWRvWnJJZDRBQ3pLZjd4NkRlN2s1azFmdkFFR0Q5YmtReWRJUTJUSldrdTE4N2tweVhxTUdUcU90WHMvZ0M0blErclhMbn...
430 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=68ivNXxoTkhqMUttSnFDdU1PbVdZdTNFcitMMzV4M1VNbVdEakdLU0x6S2p2Zk5vUzEzR3RLNWRvWnJJZDRBQ3pLZjd4NkRlN2s1azFmdkFFR0Q5YmtReWRJUTJUSldrdTE4N2tweVhxTUdUcU90WHMvZ0M0blErclhMbnNiZUUvYW5sOU10RmhwQ2hCYURPajE5Q3BIaWJ6bVYyUGZWNTREbkw1MUpyMzdQZ1N5dTNJWjJIWmNadVV5SmxVM3VYcm1xWk5GU3pmT3MwMkZIRjE3cmtocFhGMDFNVDd3a1hxcllxRVFFaDlpbGVNRE4vK1pLZUorSExZTWhpSjBEYW5XcXFwRHZDSlBxejY2ZWVWNXJMSFk1ZU05QT09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1e88d5a6b957bcb76a26bf58e00977f577a32614f5aa55b6b2dc89c100a685de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
887750
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=68ivNXxoTkhqMUttSnFDdU1PbVdZdTNFcitMMzV4M1VNbVdEakdLU0x6S2p2Zk5vUzEzR3RLNWRvWnJJZDRBQ3pLZjd4NkRlN2s1azFmdkFFR0Q5YmtReWRJUTJUSldrdTE4N2tweVhxTUdUcU90WHMvZ0M0blErclhMbnNiZUUvYW5sOU10RmhwQ2hCYURPajE5Q3BIaWJ6bVYyUGZWNTREbkw1MUpyMzdQZ1N5dTNJWjJIWmNadVV5SmxVM3VYcm1xWk5GU3pmT3MwMkZIRjE3cmtocFhGMDFNVDd3a1hxcllxRVFFaDlpbGVNRE4vK1pLZUorSExZTWhpSjBEYW5XcXFwRHZDSlBxejY2ZWVWNXJMSFk1ZU05QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
322926
content-length
0
expires
0
cdb
bidder.criteo.com/ Frame 303C 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=50520907773
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
float.js
s.trvdp.com/scripts/v5.832/ 		469 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.832/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-126.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 14:07:56 GMT
content-encoding
br
via
1.1 f67b404dafeed4f2768866a5304e91b2.cloudfront.net (CloudFront)
last-modified
Sun, 15 Oct 2023 15:13:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C2
age
937596
etag
W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
cDuA4fvMkG6u34EMxPiiMngoPXGI6fNBwt8I_WF48VRmho1PDR7sBQ==
cors
rt.ad-score.com/score/ 		52 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.6264878944781211
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:32 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
cm
t.ssp.hinet.net/ Frame 850C 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=cb19cead-7983-401e-85f6-6f401482e2d0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net/ Frame 850C 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net/pixel?bd=cb19cead-7983-401e-85f6-6f401482e2d0&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
init.js
cdn.holmesmind.com/js/ Frame 6C7C 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
59
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
WJUWHTjZJu3Xmu-N4BS5tjkTATBHqd9zQY8jZKI5uN_FXM6M859xtA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5165 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a700694bd3a98912d02c1346736173982a3724839af1cb274f2003a5b09405df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
22 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:32 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 6DEF 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
35
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
5iped0t2DBZdPitZhjDcdutt6uKcyvpcIudCOos4LndAvC0Dcc_zDQ==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame CA5F 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
JDty8HNba9TJQ5aK9KpsSmJ4nHwH6BKPpH1WZWNGtn-iOddwAlpjlA==
/
cm.lndata.com/ Frame 6DEF 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:32 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 6DEF 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 6DEF 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 6DEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
x-guploader-uploadid
ABPtcProGPGCaBOVG6ACWJjtUZ2S39p0ZQvbDgTLxT5lzmifmUw4f8vw4LF_pjT4Vv_uoAfGigUlbey-o7102eqkEkWv-aEWDg16
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame CA5F 		1 KB
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b5150c2d8be008e41735325a2c448dbf3f9a67133b98c5d990c802649172869e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame CA5F 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
31
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
1Y8SgL4qsxLFD9Mvfo6PyilrstttakE9fsAbP4RaSfTtZlSWGiLxGQ==
events
bidder.criteo.com/csm/ Frame E3DA 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame E3DA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:32 GMT
pixel.gif
static.criteo.net/images/ Frame E3DA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:32 GMT
ads.js
ad.holmesmind.com/adserver/ Frame CA5F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=925&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
984d528a4b605f800118b935c5de5dcf0dacfadd8367fbe1cc6dc59b556043c4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame CA5F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
27
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
56_hRPMxnypsPjTfm1ZF7__bg0dTuGaLufaTJ9uMR2Cnt5om-8aDzw==
publishertag.js
static.criteo.net/js/ld/ Frame CA5F 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:32 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame CA5F 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
Rz3dNZGocCUg6OSoJ_ABrEf0VHPvV9rcS4mgbR00yGEcvtKPvILqUw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame CA5F 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
27
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
z5eukPka36ousduWJ0m_kA4LxaWUQ25JeskO313-v1zqoY8Qo28y2A==
appierV2.js
cdn.holmesmind.com/js/ Frame CA5F 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
17
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
WREdsYt8oXh1NIbCS69wva_DERiu5l1sd3aD0RMMify_BMkLWl8j_A==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame CA5F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
VhS0FSiz10LdGCzFIzh0bgzXgA6c3f8mESGji5dTSvHEt9A1kWTVNA==
prebid.aspx
prebid.scupio.com/recweb/ Frame CA5F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7625796302762406
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
07d1957679cd8f76d9917f8a32d824d6e368993a8e1550c2bcd79cd341b98a39

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:31 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame CA5F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:32 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame CA5F 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame CA5F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:32 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame CA5F 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=925&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
IWkVzcDZIOapZ2glCOAworRySpsiS3XqS3YzHnMcbX_2zeParINkhQ==
pixel.gif
static.criteo.net/images/ Frame 303C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:32 GMT
pixel.gif
static.criteo.net/images/ Frame 303C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:32 GMT
events
bidder.criteo.com/csm/ Frame 303C 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 5165 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82521
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5165 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=770907703794337&correlator=610993872674816&eid=31079977&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982072411&lmt=1702982072&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=gjthcm5do7kr&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982072&ga_hid=1139643752&ga_fc=true&dlt=1702982072257&idt=144&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd040c9ecba19c1fd24d2b122f916cad05c95b4c9911186e054b70baf91a9a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12576
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5165 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cec6c405047fb869086cb403f760805d3db3df1fb457557c24e5c376bcc7904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12319
x-xss-protection
0
container.html
6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7AD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:32 GMT
expires
Wed, 18 Dec 2024 10:34:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
utag.js
t.ssp.hinet.net/ Frame CA5F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:32 GMT
cdb
bidder.criteo.com/ Frame CA5F 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=94055385277
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5165 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:32 GMT
/
t.ssp.hinet.net/ Frame CA5F 		36 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d3462e188d87fa7167330a4d5c811d0ff6299e5502875bf1bb0f1d583a1bd05e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 01D3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBYRngkM9PK1hLAikbTM_wmHAfVkBuBasx7XgkAFjIXQiipw-G5DqWIwmNkmMU1j5jQi7W1EVH6QBMuu5uK5BT5H_YszqBVr5JEiI0vk2C_hEKBfvvEV68GmlFe9jA1AuYczXWzu88A1lUty2mJArA3PvB&sai=AMfl-YQ354S4IMj8iLOcSLtMe1sjVFv8ygru6cN1AZ3wI-u9sGuxnzHwWUs8RCg1lTqjKF4GikW5Tc422lcRa2k2RVt46YGlLeMbYloQZGQvw7LAFDKFF3z7l7GhCmz1SxLcsCGVLzcpTExR1ICMVJr38A&sig=Cg0ArKJSzEJA_UTaUEmqEAE&cid=CAQSTwAvHhf_bKl8jR7LhZjjaPct5tW6HQokm9lp_ajlBkUG7KJouNeqhOsFdiBIMGKyDubaQjnGRhJ6j1UT453T2RJGnqxHbtYJKsY8iSjpSHgYAQ&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=245&tls=1245&g=100&h=100&tt=1245&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
static.criteo.net/images/ Frame CA5F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:32 GMT
pixel.gif
static.criteo.net/images/ Frame CA5F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:32 GMT
events
bidder.criteo.com/csm/ Frame CA5F 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE1E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 62B5 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0604f2e9569e74bfc45735ded6c826cf6d96a037c9c72e6390cb698b2b8ff9de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OnFp4dINn9jcz8u-jrgIlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OnFp4dINn9jcz8u-jrgIlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:32 GMT
expires
Tue, 19 Dec 2023 10:34:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame BE1E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 62B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=770907703794337&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BE1E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2DH93w
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame DE4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHS7NDbbjcTQBcRU9vHnuUeUponxvo420nNtJTqpO5ENDiKnx1Ws8TJ-kuTz6XqIjhTs25lmAd9w-W0xi5PTIttgv9oBQF6pVXM6RVjAtwiKTZ416OhXc31Bq66sYAJe1W16QX0r0spgfxVYJBobwPIylQLH0Zsbtx7HseKg-yeey_Dsq17Nj0yPByoAECoQiu6DspOkvXVQUZi85W_g5ee0gOOH5qRSspoRChaSTfw38HW5RCenzbBhrPy25vP026getZGrAFUZpNLJyZMVKNtW_1YsAR-JPzD-oKdVuHQ3OJ6IJk9_2xK6KjwVbdQOylbNyVNDjlmR6maL0nqJOR8Z5S10iOVsE2uPManRbAfC4LA6z2lC_PxjVVA5uqeSfWD6YPBc2bC_9i3cWGfWbWlA&sai=AMfl-YTvIN-Htg2NYVZjv4erJfCcvxSi2D-u1He0wdp3CXHX5hLBJHSqSYSbhbphvCM_XydwoTuZDSJdLqWHmDRlIewvjbv7p12GFIVIFtDNW7Kb1Tu79Xuyes6n3LPyuXs&sig=Cg0ArKJSzMGp2IDP5OduEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame DE4A 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
59
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
fCK6dI264m1r6xqI_uk9igH9OJAF9vDgX8J14_WDN1LsL9GfZ9WLLA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DE4A 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:32 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame CF86 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
35
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
DJj0yG7Pa48pybq5TmIXqHbVS8p2Bz6qBORzFwHBgc5PY-65pCtZ_w==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 0EB0 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
wS8Yfji-lHjlDmP1-HMCY7YPLu7C7RCtAGhuNG1oM0HIE_OVhqxhAw==
/
cm.lndata.com/ Frame CF86 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:32 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cm
c.holmesmind.com/ Frame CF86 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame CF86 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame CF86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
age
0
x-guploader-uploadid
ABPtcProGPGCaBOVG6ACWJjtUZ2S39p0ZQvbDgTLxT5lzmifmUw4f8vw4LF_pjT4Vv_uoAfGigUlbey-o7102eqkEkWv-aEWDg16
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BD9 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqSxoqdufbpIURvUqe5bY07cPtvkp-dyg9QScsC6gPQro6Uhi7U95w5zVkURV9llrP3q5rFgNmiLK2_2VrdIEbnj5DwhhlWB0JHq0B4vvwZ4a_Hki8OgOrr0w2JFinOyA2J2U4MGEaqENRFOfbbbwTNPfH&sig=Cg0ArKJSzBDZzngTSgOsEAE&id=lidar2&mcvt=1003&p=1180,1599,1181,1600&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982071493&rpt=253&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 0EB0 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 0EB0 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
31
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
-rCvkqFXEJRkxKuyfzgngwxH7nMbqHn_7g92otvlL7bIY0cYO7BxEw==
ads.js
ad.holmesmind.com/adserver/ Frame 0EB0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=622&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
df818772e50bbc32ad845f76cd1299e72443b12c17bdc11e46ee98f8389bb9ca

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 0EB0 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
27
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
Ql2g5ODzfN3EcTETQ41ryNsyP4aEAeY2K-qJIOMmTSo09OVxN0omhg==
publishertag.js
static.criteo.net/js/ld/ Frame 0EB0 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:32 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 0EB0 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
lrR_mEUOTOuvhULc_1oZbZN2_cj5_lF1C7upa1ma0Acm9EBgcViw3w==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 0EB0 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
27
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
C2vm7xyDYyjk3ps5zM59b9Kic7Q3tTjDEiijskxOIOS8-zIFY-LauQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 0EB0 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
17
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
Pg3oGDyT0VI5zvNE8l25AedT7FoK_y0K3B-zAmTV5-PKZnY-EOBnMA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 0EB0 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
p90G_qxDP3dI-eOWwN25-m361IsBnxb9YOuW2nhTxYMjBTT2zNgP0A==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0EB0 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 0EB0 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.15059144159255733
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
c58c5ddeb5e7fd70c3f884b3fee71b061e93667a2a27b19b4f3eb8a7f613bdf4

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:32 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 0EB0
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:32 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0EB0
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:32 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame 0EB0 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=622&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
pjjBtVrTOY0-Q9u5nX5O0EPtc09MCTqmtVp0YsOyng92TPZI4FGrFw==
truncated
/ Frame DE4A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78541a95d045825b506c33ca11e261a449d69c72e7785e6ce2ccd23232b7426c

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4839 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc6ced6d6bcd5342ac1da4259d1a0dba20c00047aecdeddf937defbf547580c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
312 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:33 GMT
prtct.php
stg.truvidplayer.com/v5.832/ Frame D667 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702982073&level=0
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-129.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 10:34:33 GMT
server
nginx
via
1.1 01d4e8d94c61f8f56aebaa1af365cc6e.cloudfront.net (CloudFront)
x-amz-cf-id
7MqS7s_1MPINeZrSNMYoZzlakcUhGJb2g5t5wi7Dpkdn2L-ThDhtMg==
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
utag.js
t.ssp.hinet.net/ Frame 0EB0 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:32 GMT
cdb
bidder.criteo.com/ Frame 0EB0 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cb=33466298748
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 4839 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82522
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
pixel.gif
static.criteo.net/images/ Frame 0EB0 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:33 GMT
pixel.gif
static.criteo.net/images/ Frame 0EB0 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:33 GMT
events
bidder.criteo.com/csm/ Frame 0EB0 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ Frame 4839 		31 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1422160128827670&correlator=2244433951171793&eid=44809527%2C31079977&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13848-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982073108&lmt=1702982073&adxs=1030&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=uhjv9owkj4i2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=5&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982073&ga_hid=667859057&ga_fc=true&dlt=1702982072943&idt=154&adks=2033195636&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cbfaf24bcfb89bd4a1da90004119abe93e6c9f6129d66a4f930dec680fd85e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4839 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd3c494f7b0125dd0f6c09188dc95fe48b0a334ec3e02462738869648dcd4ebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12198
x-xss-protection
0
container.html
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
expires
Wed, 18 Dec 2024 10:34:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4839 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E2B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2C60 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08c3a4502078b574260869c3dec2f3505db4f05b216adc5dd1f7c5d8c46ddd83
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jS4fhT43jLl8pW_7Zku1sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jS4fhT43jLl8pW_7Zku1sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
expires
Tue, 19 Dec 2023 10:34:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7E2B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5165 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=770907703794337&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfONDhkDhsFxzovzr6xkVxhW9nf2Mq4ArysV1eOc2OnKx55p6bQf8CWTb7K9Ptt5LLAgAAAFlSAAAAAmgBB5kDJ8ozMH6YdeNIyF4GdQTvPRsNBbis2UxTn-XPh-OflrMFMzjSzX7tJpzoCedUOrFVbJagsYNQyqKZmb0RW5VhGdWVTqNjHPuUDWaaLCXITHzrWCXdHWN7KWP_TKgtrWHiJ0JMZH7rCkKWTN3Epr7pCuBt-YeTu4GXPNouKk5-wUlip7TnVtTaqMMWXS_8tuCGMeG8f01cK-2AySBHNPgLAgH9_fto23ien7u7KRDzu7tJGLCc554EI0kWFTDokUHDRzUNUvwhLroz5s2q3-t2EZNQuGjEmngil4YZ5WLxVWUpQfPEx1r7jn63iOpclFtiuhfoBMytiApsy-VsDE7gFtKjVLdd6spTENilb7Xa_DdEZf7YH98CWkiIsox1XACxW5fGxKNpqAgSqG_Qfm9qQKSZguIK0WgJUUNej482ZfxJBfESDbon2mhjfkgLumR7gK8I96l0HpSHiZ8jTRiV03OE4TH8GFE2cGUZ4xNyUfZzc7pnk5mW59PzORDeE3MX9qiJJfZ9OhuXCg3psq8lxN0g2H--YTfbt_PWPWPephM78Kc2_0HsaTlPzmLQRF9S3Lz8IG3vNl0ptPQ09IftugbnEdz4gNSg_85pOPJghMv-Czls1xWM2lvbVeZVWzGjQYY3h0sZ1lVTeJUR0jyNuXEzRteUx6C6671HkAGrHkuNvaruKRaIs7mt45Evo1Y-7Kq3qTw3-bgF4Rhp1brShxw1Ih6uUVcVAEsNpghHvT3NJCTUTNMXgEz4tRSsYb8gC_nHZTfzhMdmaC2azcJBMwsIpL7nziR_2P-WkgeTtkAhPFbE_Bn-WA6wavhe0SNd9OI4XJ8qB_p-2JnzxZ5exg7xUh31msS1kUHvPtoe8bizHROFWyq5tD5AUgpRBvt2hlm-MbHdjryNWaFvctj62NTZ5F5SFICqPrgNu4zzC1W87a4lG6HbUSqekaieUshxMeBQXHjqP7U05RBjKwzwCysBVjL3Vaul9GZGKdpTdTcPth4Zc_uyoQxgkarFwEsJ56zf7zRXzkvGInvmC_x2Tw6BBdQfMxwKdLFv_qCRc_Toc5pwyG6xjg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2C60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1422160128827670&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7E2B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ufO6Ow
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 12CF 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb08d350c7ade2b3e4fbc387bf1ca691c923db4a08a592c2f5a189ca944bdec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29460
x-xss-protection
0
server
cafe
etag
320 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:33 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 12CF 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82522
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
container.html
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B5AA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
expires
Wed, 18 Dec 2024 10:34:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1023 		448 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYneCIgQIwAQ&v=APEucNWpoUOKA928kgwvaUu33NWyS6ecuJ0ibPQCGKiAOTFKBJS8vIo_kphzCfBLJGJQGKu6omXrg19Vp9AkEj111tWoLYsJWA
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B5AA 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5AA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CP-9UI9D2KYm6tIAYK6ZhOQeNviAjmIfAMu_3D4u83mCLiGGhaG5o-iBgleRmkluTFCPTavmUyIBNfC2eAywXFSa77sFYnZFNbpsaIHrN-dQ5hkdM
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B5AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
31795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:44:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B5AA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
31796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:44:37 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B5AA 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:33 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 12CF 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2243354471740373&correlator=2647886749365698&eid=31079926%2C44809527%2C31080120%2C31079527%2C31079977&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982073627&lmt=1702982073&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=um83yxoknabl&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=6&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982074&ga_hid=1531783966&ga_fc=true&dlt=1702982073410&idt=208&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
679191a875613f7b133fdbe9230c9ed5c54d725ed7ee4dc27345fbef219b0472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12573
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 12CF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fc323f625ab36d0be4935f697e61db3883b7cf400c50c4b3e3ee1a1be6952e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12202
x-xss-protection
0
container.html
3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
expires
Wed, 18 Dec 2024 10:34:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1023
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYneCIgQIwAQ&v=APEucNWpoUOKA928kgwvaUu33NWyS6ecuJ0ibPQCGKiAOTFKBJS8vIo_kphzCfBLJGJQGKu6omXrg19Vp9AkEj111tWoLYsJWA
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 19 Dec 2023 10:34:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 1023
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYneCIgQIwAQ&v=APEucNWpoUOKA928kgwvaUu33NWyS6ecuJ0ibPQCGKiAOTFKBJS8vIo_kphzCfBLJGJQGKu6omXrg19Vp9AkEj111tWoLYsJWA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL8yFczTdJSc0c5nPg01S2xXopvn1x67jKI7v4viyWNHbQeKRIUB5qj8yDV90U1eWQFkVnFq8WU1L8FTTlWStL26ONfuaIG%2FlsicMIp9uQQnUwYk62Q4nIMNPf9xBB4UZuzSei1kCKrwSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837efe68ee6faf8e-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1023
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYFxuePqVg3LzPTvx101aQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYneCIgQIwAQ&v=APEucNWpoUOKA928kgwvaUu33NWyS6ecuJ0ibPQCGKiAOTFKBJS8vIo_kphzCfBLJGJQGKu6omXrg19Vp9AkEj111tWoLYsJWA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3671F5ez8rC2mM10YfDoNGufNFcz5CxnrenI4RYBKvs7DIFLxkB%2BsohWJbMaHu85Ybya7qd%2BunFuhGO5VIG02YMr6NCVlsvF5w8HPE0pXsncm6%2F9tESf2ivWeFngJ%2Bz2LSXkiOPcXZlmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837efe692ed5af8e-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrE3YUvxAlK2CljR_TyNOU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 12CF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5AA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4329289548445&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5AA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4329289548445&version=m202309260101&ct=77&x=1&cor=7148040864140076000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B5AA 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CncE0-QiTd5mxW11nElI425VZ8An7bVNszA2Wy8yLoEtxhYCAN-FQcQX29AYyoumoomc3PCAPuYP2LQ18SBfx5apvlbjrk0FQ4F8yXuAyPg4ccCV2T9DbC6ks0j0ajl13NgvWQcXX-pksUMUK-7KhPGQAFFQDE1Fbso9MYjuH4S3RcPc8&cry=1&dbm_d=AKAmf-CNhf7NmTec7CCrXUQ6SfM8QASVHxCcnTxAVhPYkT2O5SxZmXZTbL6H7nVkBmxDs3ltS-jADCqMmKGBSmCTbsWhWY5b47epltG_b7bSpGyHqGENCruRxON1duVNeoDrYlZTcBrDWDRicXepbDkWifQ4flhiI4O5e2Dy_lb2nqux5sKXYFjqtQ2nxih9qrzIeLyM1cQg6u2VtaknloL1LzC1SWALvZti_TLTMRu0Wusg2PAq2d1htHZDpQwNWRyihFIuVSg_6afsqeLDlYgoB35Q-R4njvQjkTdxpLB3WgZ6OfX6MeyxA0kN7bPK_AE5YvTfJOt7XAjjlIwXSd6pwZP-6Inp_oMf7JbB-hUcM5jlsXJIg-qN-NPo4P0ssMom8DtVb33JPc5F7U3k0KpisbJDpRQjE8z2Y2syToSVu2yLPF1ot33FsVLaWynDmAq0P3Q3xdmeYrwmmc9yVNZE4DYQvbmQPZ7ifqvfaW44rbb-UDQMTn9J1dYHnxCkZC8nr9YWkIv9s6wOyHxpRpxk8SfzmZqLkF5yq-GZpy2yNPqgGP2WwUx97jLmiY7esLg7M7ntwrPjTNTzPCou_plME5g3g3s6yH9nyL1OkYuIc5VCiUPzgQGy5yXzoBBo4U5h7drFIXZqP0ZheIFIcu3OwWHXeORsxkmlkJ-VTSuBaZoFjGTpa-8juySsfIOEaXJIQQsjyoZ9Hwx9CmFax-fsQ73RhQT92TbsMNpKUIUF9Oxb7SoUs63PQoK8W8WzeXuwMoyo0VLqYi1Zt46lxL9EK1uiH1jPYI-Gs1ARXPU62i71e-_V1gUKb6UfmgAfoWJFNgg-TQ3R7U6--M9TEDZpyZFgAhoMD5_V2LcwNe6r6ctp33O5z1ONQuhzEkOjs83uFyqN01KcMl78HO8uM35JOkMtJZGYJXwbV2WmHrVWqgDbQ3wjHQ_3BQVhziKUBswUkZ5oMAXDZMTu3uLlCRwYOkOVyEZeu5kI51syFJSky0AZr-K-dJGhyG4wEAAdNmeWCaQvZJV33ps9xgBpV5yExmZFx7mlwj9UZ_6a9BT_g5c9Eq2Pto0ZkEcE05QSg2oB87H4jooYWeSKS-PV-kLFy1s8MuK004iSRUM0PEskJgEUY2BJztHuHPx7wOuJ-8Te4x6kORKnITTepDh-wv7YqcWIQC9En2Fvlf2_HmXn2tyxivu2QjXqo90oc8Aeulw_RLDXRzp0wsqErRJMEtK3PEdeAF60kSXTRzdYFmxr-EL3Pn_VkGOwG68p0rjaiUvM5yuv-WPOhi4jlaIyazKAHbZVbmU72ZP5Lzm2cB0TncAels-hWv_LaRpuqObtFWnW-mUOP8qvsYNbyRUEG60mvmCJdNQM2TJV8o9SzYMRvvDpjyyKlXTsqFjr2XqgRRTISv-USZ7H7UUbSCSDa1Ahr2_eIj5IexUw7LnWe23XzQUGvogxaTDdT0SbjYDFkCuK1gN5KFrXz098E-tzyyABTFt4dXaO91zVgnOt0ZMmxMxcgb0HZF6EW3EtO-s5ocQAMvaNUeWHTBnbxUtqyWI9SMp8KgM7LyxGFMLSBAjbho9gzIkJMX1PEeU3dAit0ykrgtoXVSjWZ0_Ey-YgotgSBjiTbelsrJYrppO8Kn1BqnOFUDqTxmPVC3D23VpzbJXcc3Rtco3Ym5aGzVllQoUA6Z0J4o6RvnX0CDQsMkmVlb4L09oNVB2tkeN36Q5DQ5gj0crO9SqDIhQwPz80lORlKbPtXoadfbK9aUaUmomT76WyeRdgvrBghDmIqVaCb1jcjLXBf6mz6xcNESVByZkDxUPZ_9Qdyol3ixbz_PFbUUq-f7PWArLpD9j0gR1lfh8h04ZdbCEB-rLiB2ZC5tmzE0qdSC9ZK80VVrXetqSVuQZUCyDHDX0grg-O3Id0PrXmtaIxidDMexe2OFaOvhbsZluXtMtp_ihEnliuL98A-q-uTY9Db76A7-cvVX7FfFYuuoVW_gp-cBIpZTRrjF3yTN12OxD3auAeZrWYg-r1o3tSQajmmnWcDRqzMy1SUw-9WA4QhW9OMF7ppE8yHDU39Hw6J1MIa7IXHSuKnSfaIqHT-P7FnDnlO0-K8QcfsXu91_NaqeqN9bexTSfRlo8TtJWhumBf1fiklc3aW4bWK7LqNKsHKIbdFov5Kh5JGmOTnnC_OYEfHWvewR284cU1e8g6rYqsnbCd2wGS0jcOP522zRrz9htuago8zrRlAfm6DufO6cA4oNpdnlxXSeMpR4ISbsERyuFR1PAOON6GZSFlDXkhSlGX4w29zQW2D0QPt6O5ocQMVAovjFpD42nBYRawTgrkCY9-xeRk97Kl8TE-nAi7QnobguzOCYVptQ_XO7Uimmd_9NU9Mo2R1m_KId0deAtEd4rQY6-VNBp83GkqkE6LPZpWOul41Zj4JR4iCBprkbisgCyw6IlJYKlN4HnabDDjjEHpa65tRoNBaNjz1l4GbzyRg8iQk-18QLWy-jxs7vgNEdPWKgGj2-SUi42Ac0JlDr_vYDN70hrPxa2IonR_3GQ_V0pi4KkRGvU2l6hthpNaPSLNUGG5fZEm-Ftsm-OmKA28SPHrQNnAYWlYh1_OvEQzckOaj_0oKFpIjLzs7KaXe2YTQIuP9QhZyO8zzfss6WNlX2voiajC-38fPUnoKP6Cz6OenTSKDVeW9FBMjfY_sqbgV8MW06vmVDA5wXKL292ilawDGweX4JPZp3DZdkLIJ2MQX-6pcudIqXl-Ym_D5CJsVlnl-Gh3ICDYEbS0RVLbCdTx3ZtrS7L_MpjWOI-Reyt40g_ceZu_y2yY4fZRdx65Ag36_9ZsAp3A569uRBVyGroyJyGJgzIJ9LMohxjriWewG9Fu0n0DxINVD91Zsil2NM_uQlYZcCGasc8_Bh5V6m6SZO8AzvFwrTN1vi_GvUlzDCLziRtbkVA0G3Ul_dtroJDMElSfDneFT7KK8mPj12FYQmwxxSl0fJ2EuVpVmQpzaBux-EaCGh8dFtcrMOVJujn--tHKirKwAW_utClzbCqD3tnNmy48NP7gYbp678uQTN_DdGF7zUsurXEu0Y5OkLc4Z04qzoPoej0ZQ7rdBdd3dgvaGATF3A5Vq4BTGi_MTJ9dG0vnX5eMN6BFO4wwFKfNXcVAwOrVsRXL9eC3UrVnrAH0AOE7pkFxUWQZf1qFltoEvbQoXqRSJpiBhAJhR2I7J8yRjMT9tk6VqJ9WJ-m_jh5ItcHeXS_dtoG4OvNhvYXafZSPHDXnk_Y_v96gVeuDN8wjAwg-z5pCeOP2fXcvm6pfwyE7gFZiRigtE40gRHESstxOSuvZYXmVKYWbkMun-A8eyOvhtA8vcOJ5QiqL5M2Iz6WpRPMe7VWzJlGJh_XQNm7pi30gtmLFMBn5n1o_f4ZTlV5mmOaUVRvrazUIHhoWAuBmZZmYAptEn6P8InNHai8WQ8sZOrLMF0apO0rkNytFpPpPVxoNTbvWxUVW7fuazcY7EVF5U9WA8HNfETqe3mjkdKtdKrdQzMuboBENQmMLVOm4DvMWcnITD9vBAk8YEz2fLq3guOC5p8gogM3try72BIbMnL0s94K2N0hFrWEVrCh7Q8laompVgRBcmyqGlJqOr9rXVDWD4XvenZsrujlVzCGAp-UqmhDN8BS99QV3FBdXAde9Qy81HVFBUhstkiJCcw5g4o5mfPILUi5UqLy2KOQs9c-8O93c2jIlrquMwEqObMjoV-pp55ZkmAS39Cqm1PH7jsfANtV0INp11nUdBxCAbSfi3kQdJVI1wWqxySaQL24ArP--XSeXTgv3HhI-zm6rAVmgHKvUw9dPmq0szc6TlPcfx1ihlzpp7zDovVStDO3n_rsjSHBtm3tE732Wte779_I&cid=CAQSPAAvHhf_ka6Ot8PKVYeU0wJjLHi_SfdOgVmK9L3BZMrFtOKTv7xGGmi87ye3uw-0nodaZApYWGS1f8CDURgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=7148040864140076000&adk=2997237108&idt=91&cac=0&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aee5a5874e68776e52e9c05f282cdcd13f3202c405bf6df6494df0d21dd30618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14000
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64BB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8A5B 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
70d53414d47eb3995c018b4e2741e724229af73f4954bf0b4fd5d721ab5ff95c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8gkUYjDcswBqcs6agsumNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8gkUYjDcswBqcs6agsumNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
expires
Tue, 19 Dec 2023 10:34:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 64BB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B5AA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CncE0-QiTd5mxW11nElI425VZ8An7bVNszA2Wy8yLoEtxhYCAN-FQcQX29AYyoumoomc3PCAPuYP2LQ18SBfx5apvlbjrk0FQ4F8yXuAyPg4ccCV2T9DbC6ks0j0ajl13NgvWQcXX-pksUMUK-7KhPGQAFFQDE1Fbso9MYjuH4S3RcPc8&cry=1&dbm_d=AKAmf-CNhf7NmTec7CCrXUQ6SfM8QASVHxCcnTxAVhPYkT2O5SxZmXZTbL6H7nVkBmxDs3ltS-jADCqMmKGBSmCTbsWhWY5b47epltG_b7bSpGyHqGENCruRxON1duVNeoDrYlZTcBrDWDRicXepbDkWifQ4flhiI4O5e2Dy_lb2nqux5sKXYFjqtQ2nxih9qrzIeLyM1cQg6u2VtaknloL1LzC1SWALvZti_TLTMRu0Wusg2PAq2d1htHZDpQwNWRyihFIuVSg_6afsqeLDlYgoB35Q-R4njvQjkTdxpLB3WgZ6OfX6MeyxA0kN7bPK_AE5YvTfJOt7XAjjlIwXSd6pwZP-6Inp_oMf7JbB-hUcM5jlsXJIg-qN-NPo4P0ssMom8DtVb33JPc5F7U3k0KpisbJDpRQjE8z2Y2syToSVu2yLPF1ot33FsVLaWynDmAq0P3Q3xdmeYrwmmc9yVNZE4DYQvbmQPZ7ifqvfaW44rbb-UDQMTn9J1dYHnxCkZC8nr9YWkIv9s6wOyHxpRpxk8SfzmZqLkF5yq-GZpy2yNPqgGP2WwUx97jLmiY7esLg7M7ntwrPjTNTzPCou_plME5g3g3s6yH9nyL1OkYuIc5VCiUPzgQGy5yXzoBBo4U5h7drFIXZqP0ZheIFIcu3OwWHXeORsxkmlkJ-VTSuBaZoFjGTpa-8juySsfIOEaXJIQQsjyoZ9Hwx9CmFax-fsQ73RhQT92TbsMNpKUIUF9Oxb7SoUs63PQoK8W8WzeXuwMoyo0VLqYi1Zt46lxL9EK1uiH1jPYI-Gs1ARXPU62i71e-_V1gUKb6UfmgAfoWJFNgg-TQ3R7U6--M9TEDZpyZFgAhoMD5_V2LcwNe6r6ctp33O5z1ONQuhzEkOjs83uFyqN01KcMl78HO8uM35JOkMtJZGYJXwbV2WmHrVWqgDbQ3wjHQ_3BQVhziKUBswUkZ5oMAXDZMTu3uLlCRwYOkOVyEZeu5kI51syFJSky0AZr-K-dJGhyG4wEAAdNmeWCaQvZJV33ps9xgBpV5yExmZFx7mlwj9UZ_6a9BT_g5c9Eq2Pto0ZkEcE05QSg2oB87H4jooYWeSKS-PV-kLFy1s8MuK004iSRUM0PEskJgEUY2BJztHuHPx7wOuJ-8Te4x6kORKnITTepDh-wv7YqcWIQC9En2Fvlf2_HmXn2tyxivu2QjXqo90oc8Aeulw_RLDXRzp0wsqErRJMEtK3PEdeAF60kSXTRzdYFmxr-EL3Pn_VkGOwG68p0rjaiUvM5yuv-WPOhi4jlaIyazKAHbZVbmU72ZP5Lzm2cB0TncAels-hWv_LaRpuqObtFWnW-mUOP8qvsYNbyRUEG60mvmCJdNQM2TJV8o9SzYMRvvDpjyyKlXTsqFjr2XqgRRTISv-USZ7H7UUbSCSDa1Ahr2_eIj5IexUw7LnWe23XzQUGvogxaTDdT0SbjYDFkCuK1gN5KFrXz098E-tzyyABTFt4dXaO91zVgnOt0ZMmxMxcgb0HZF6EW3EtO-s5ocQAMvaNUeWHTBnbxUtqyWI9SMp8KgM7LyxGFMLSBAjbho9gzIkJMX1PEeU3dAit0ykrgtoXVSjWZ0_Ey-YgotgSBjiTbelsrJYrppO8Kn1BqnOFUDqTxmPVC3D23VpzbJXcc3Rtco3Ym5aGzVllQoUA6Z0J4o6RvnX0CDQsMkmVlb4L09oNVB2tkeN36Q5DQ5gj0crO9SqDIhQwPz80lORlKbPtXoadfbK9aUaUmomT76WyeRdgvrBghDmIqVaCb1jcjLXBf6mz6xcNESVByZkDxUPZ_9Qdyol3ixbz_PFbUUq-f7PWArLpD9j0gR1lfh8h04ZdbCEB-rLiB2ZC5tmzE0qdSC9ZK80VVrXetqSVuQZUCyDHDX0grg-O3Id0PrXmtaIxidDMexe2OFaOvhbsZluXtMtp_ihEnliuL98A-q-uTY9Db76A7-cvVX7FfFYuuoVW_gp-cBIpZTRrjF3yTN12OxD3auAeZrWYg-r1o3tSQajmmnWcDRqzMy1SUw-9WA4QhW9OMF7ppE8yHDU39Hw6J1MIa7IXHSuKnSfaIqHT-P7FnDnlO0-K8QcfsXu91_NaqeqN9bexTSfRlo8TtJWhumBf1fiklc3aW4bWK7LqNKsHKIbdFov5Kh5JGmOTnnC_OYEfHWvewR284cU1e8g6rYqsnbCd2wGS0jcOP522zRrz9htuago8zrRlAfm6DufO6cA4oNpdnlxXSeMpR4ISbsERyuFR1PAOON6GZSFlDXkhSlGX4w29zQW2D0QPt6O5ocQMVAovjFpD42nBYRawTgrkCY9-xeRk97Kl8TE-nAi7QnobguzOCYVptQ_XO7Uimmd_9NU9Mo2R1m_KId0deAtEd4rQY6-VNBp83GkqkE6LPZpWOul41Zj4JR4iCBprkbisgCyw6IlJYKlN4HnabDDjjEHpa65tRoNBaNjz1l4GbzyRg8iQk-18QLWy-jxs7vgNEdPWKgGj2-SUi42Ac0JlDr_vYDN70hrPxa2IonR_3GQ_V0pi4KkRGvU2l6hthpNaPSLNUGG5fZEm-Ftsm-OmKA28SPHrQNnAYWlYh1_OvEQzckOaj_0oKFpIjLzs7KaXe2YTQIuP9QhZyO8zzfss6WNlX2voiajC-38fPUnoKP6Cz6OenTSKDVeW9FBMjfY_sqbgV8MW06vmVDA5wXKL292ilawDGweX4JPZp3DZdkLIJ2MQX-6pcudIqXl-Ym_D5CJsVlnl-Gh3ICDYEbS0RVLbCdTx3ZtrS7L_MpjWOI-Reyt40g_ceZu_y2yY4fZRdx65Ag36_9ZsAp3A569uRBVyGroyJyGJgzIJ9LMohxjriWewG9Fu0n0DxINVD91Zsil2NM_uQlYZcCGasc8_Bh5V6m6SZO8AzvFwrTN1vi_GvUlzDCLziRtbkVA0G3Ul_dtroJDMElSfDneFT7KK8mPj12FYQmwxxSl0fJ2EuVpVmQpzaBux-EaCGh8dFtcrMOVJujn--tHKirKwAW_utClzbCqD3tnNmy48NP7gYbp678uQTN_DdGF7zUsurXEu0Y5OkLc4Z04qzoPoej0ZQ7rdBdd3dgvaGATF3A5Vq4BTGi_MTJ9dG0vnX5eMN6BFO4wwFKfNXcVAwOrVsRXL9eC3UrVnrAH0AOE7pkFxUWQZf1qFltoEvbQoXqRSJpiBhAJhR2I7J8yRjMT9tk6VqJ9WJ-m_jh5ItcHeXS_dtoG4OvNhvYXafZSPHDXnk_Y_v96gVeuDN8wjAwg-z5pCeOP2fXcvm6pfwyE7gFZiRigtE40gRHESstxOSuvZYXmVKYWbkMun-A8eyOvhtA8vcOJ5QiqL5M2Iz6WpRPMe7VWzJlGJh_XQNm7pi30gtmLFMBn5n1o_f4ZTlV5mmOaUVRvrazUIHhoWAuBmZZmYAptEn6P8InNHai8WQ8sZOrLMF0apO0rkNytFpPpPVxoNTbvWxUVW7fuazcY7EVF5U9WA8HNfETqe3mjkdKtdKrdQzMuboBENQmMLVOm4DvMWcnITD9vBAk8YEz2fLq3guOC5p8gogM3try72BIbMnL0s94K2N0hFrWEVrCh7Q8laompVgRBcmyqGlJqOr9rXVDWD4XvenZsrujlVzCGAp-UqmhDN8BS99QV3FBdXAde9Qy81HVFBUhstkiJCcw5g4o5mfPILUi5UqLy2KOQs9c-8O93c2jIlrquMwEqObMjoV-pp55ZkmAS39Cqm1PH7jsfANtV0INp11nUdBxCAbSfi3kQdJVI1wWqxySaQL24ArP--XSeXTgv3HhI-zm6rAVmgHKvUw9dPmq0szc6TlPcfx1ihlzpp7zDovVStDO3n_rsjSHBtm3tE732Wte779_I&cid=CAQSPAAvHhf_ka6Ot8PKVYeU0wJjLHi_SfdOgVmK9L3BZMrFtOKTv7xGGmi87ye3uw-0nodaZApYWGS1f8CDURgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=7148040864140076000&adk=2997237108&idt=91&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 16:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
151244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 16:33:49 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjk4MjA3Mzc3NDY1OQogIHNlcnZlcl9pcDogMTI1NTExMTk0CiAgcHJvY2Vzc19pZDogODczMTI2OTczCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame B5AA 		0
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjk4MjA3Mzc3NDY1OQogIHNlcnZlcl9pcDogMTI1NTExMTk0CiAgcHJvY2Vzc19pZDogODczMTI2OTczCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA5NzU3MDcxMjczODU4NDA5ODg0CmRlYnVnX2tleTogMTEzMTMwNDIzNzIyMjYwNTE3OTIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTE5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4MzY5ODQ2NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzQwMDg2MDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwODY1MzEwMzA5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTM5MTExNDUzCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x8912354c3c693d10000000000000000","13":"0x2a9502fbace33d660000000000000000","14":"0xba67314bd222a0170000000000000000","15":"0x62b2e3ff55b1fa9a0000000000000000"},"debug_key":"11313042372226051792","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"9757071273858409884"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 887C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

age
14559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 06:31:54 GMT
etag
48472445140208031
expires
Wed, 20 Dec 2023 06:31:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B5AA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a0256ca92a7903535874b9dd14a0b741595b459622de4956b8c702a244c7894

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2243354471740373&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
/
servedby.flashtalking.com/imp/8/115752;7998036;201;jsappend;DV360;DV360FY24AcrobatRTRAcrobatCustomListJPDSKBAN300x250/ Frame B5AA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/115752;7998036;201;jsappend;DV360;DV360FY24AcrobatRTRAcrobatCustomListJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=376805.4257926705&ft_dv=%5B%25ft_dv%25%5D
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.112.238 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-112-238.deploy.static.akamaitechnologies.com
Software
prod-xre-app13.tky11 /
Resource Hash
92691cb0fb6e2a3b3c4e410e2a4d7963c143e8f86cd8052c19c1f29d2b7d342f
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:33 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app13.tky11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
924
Expires
Tue, 19 Dec 2023 10:34:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4839 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1422160128827670&bg=!7-yl7KPNAAY3kmNgF5I7ADQBe5WfOJuohRv2jaLa4movoxm_VNzosoFOPHfrqproMp-T-6C2Lsx-P6lzNigVouGRSwdMAgAAAEVSAAAAA2gBB5kDOtuRSUcUUb_iv7voyyGk2oKbeOVjabO3ibdsvY7nXdA13de_7R2cvlchYZl9Wh3l0QPfZIGJK3-NylzT_mb4EPvwL68ccTUiucYgwJDMaEsdqBPtky--bVP60ixdGPf80SHy2Qwxyt-Jxsk-9ph4LQ_VMEsGL89sScp7_vVtkpOEZKWr_Lgt4d70gmuVBrmwpNWSjb9p4d-GeWy7u6ORBbSHbbkjkMIaKXtOq-TCyj_wEN5yfhcHB3JTnTzTqSeZp30cPiUBxSCxiiOewrTu1UNklO1zqgC2yOqXtc-4oBtqaXrZp3pADeVsFRHj-Zf52YJi9Rqoavkh6pJTPEvxPjhaCwcImClpON8h4fM0aN0_PrweidI_SOBm_8xXrHKlEVO_HJSRyr7MgtYVGWwqEt3Brz-ZF5i8LAlCH7NXecI1my1mbhc0skJwQxH-n4tw8EDLYBOWewNn7_ZrFRJ79MOfhD1FYvAcpd_1uyoRMnnXuWvHn_irukq8HsaWWp9yFNrkxTb4gIKoYauC5UF8VYC7vdNxUSLjQ7raJTgX-w62Wj5YKnpxGn41fCSoS0ICMaaG6hc9CXoq8EkDq3KWq1ocJ7_XH1_gdDC4jzCxDe4X7_loj9TzlmkqwhEUECNJejpDx1XtwKceGJl32J6CQ5vjXV38SBp-IwPxexyj-JfX37PCNQzlsjGvsUQPSorEB0BAidBDoL4lANZn7RgsxDX66vSY54TlXjzJxZijqv_tbA2K_jQbxAvBbXsP2WPH0KUHvGLBzpAhK_kSo8sucXjyYonMlciHuZnGMI5tT6JTPsaWogSTGcx8lnVD4D1H0x19v4MDMilJLORin7AOoWAlelEeL_0K2qOy_TycZETdSFCtZaGs4i-R3Y1SY5OGXxBXQ675XK732aVI1k6PlMfMdNLgeXpP40zB0-ikn6WNZ70ULWGZjloVDF9jc9NfJYPlgQuVXDUV834peXGQU9Tw92dkkl5NJ0hneoUST14wGY6_-XH8wI6M1X8e_J5eHwX7ImKuonq0zchVyFybk2DuIWGlueOdQTUcSxKjaP-Eyw0sms_Ky8vLCRLaokhj_9bTrkzkViWZBas
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D973 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
151243
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 16:33:50 GMT
expires
Mon, 16 Dec 2024 16:33:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_cver=1&google_push=AXcoOmSgW8pfQTSr49AmVQ5BegQUBWmGZfRkWCq8TuUIecownlemKUl...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1e6967f065522a3&is_secure=true&networkId=14000&version=1&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_cver=1&google_push=AXcoOmSgW8pfQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALhdgkzpFofQMlH6bnAAAAAAA&expiration=1703068474&google_cver=1&is_secure=true&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALhdgkzpFofQMlH6bnAAAAAAA&expiration=1703068474&google_cver=1&is_secure=true&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_push=AXcoOmSgW8pfQTSr49AmVQ5BegQUBWmGZfRkWCq8TuUIecownlemKUltd2FJ0xuoEU-aZh-y1SI7UW3uooTiewZikVKYwIIUjw4
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALhdgkzpFofQMlH6bnAAAAAAA&expiration=1703068474&google_cver=1&is_secure=true&google_gid=CAESEO6qQss_Y-LqeXw6Pe7Kl5A&google_push=AXcoOmSgW8pfQTSr49AmVQ5BegQUBWmGZfRkWCq8TuUIecownlemKUltd2FJ0xuoEU-aZh-y1SI7UW3uooTiewZikVKYwIIUjw4
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhKsqTPQRoJ98TXtdc0BM0&google_cver=1&google_push=AXcoOmQZoK3rzR5PEmU3YjjzF9MEbUtRwpjYwVq76GLLKS3f8SWFQ7ui_eE4WUJEIV87lN4K6aQEz...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQZoK3rzR5PEmU3YjjzF9MEbUtRwpjYwVq76GLLKS3f8SWFQ7ui_eE4WUJEIV87lN4K6aQEzl2T8WUPS4WBBZYbVnZoAQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQZoK3rzR5PEmU3YjjzF9MEbUtRwpjYwVq76GLLKS3f8SWFQ7ui_eE4WUJEIV87lN4K6aQEzl2T8WUPS4WBBZYbVnZoAQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 19 Dec 2023 10:34:33 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D12BE14F54A74AA08335A27DD8B11892 Ref B: TYBEDGE0820 Ref C: 2023-12-19T10:34:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQZoK3rzR5PEmU3YjjzF9MEbUtRwpjYwVq76GLLKS3f8SWFQ7ui_eE4WUJEIV87lN4K6aQEzl2T8WUPS4WBBZYbVnZoAQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYM2mmUXv+oW9hebghCUg==
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPYd5u3hV-45aTCKmT9PBFI&google_cver=1&google_push=AXcoOmTljda1qvg8xEuYOIhFoTAe1r657BVedgtZ8_FAgN5amhhs8txr6mFjxzxcjG2liyYyuCxoNd5...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTljda1qvg8xEuYOIhFoTAe1r657BVedgtZ8_FAgN5amhhs8txr6mFjxzxcjG2liyYyuCxoNd5QwiHwcm38LPwu6oOu_WI&google_hm=TKi7ffRETN6WiorscZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTljda1qvg8xEuYOIhFoTAe1r657BVedgtZ8_FAgN5amhhs8txr6mFjxzxcjG2liyYyuCxoNd5QwiHwcm38LPwu6oOu_WI&google_hm=TKi7ffRETN6WiorscZhChKg
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:33 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTljda1qvg8xEuYOIhFoTAe1r657BVedgtZ8_FAgN5amhhs8txr6mFjxzxcjG2liyYyuCxoNd5QwiHwcm38LPwu6oOu_WI&google_hm=TKi7ffRETN6WiorscZhChKg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBdf_-xCt8vKBiX95Q_tyzM&google_cver=1&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiI...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBdf_-xCt8vKBiX95Q_tyzM&google_cver=1&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TT...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fa2bf044-b486-4074-833f-b7d4c45cc3ec
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fa2bf044-b486-4074-833f-b7d4c45cc3ec
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3742a8a1-4200-456d-a7f7-319ef47d7fe7&user_group=1&ssp=google&bsw_param=fa2bf044-b486-4074-833f-b7d4c45cc3ec
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiINqzdAzQ&google_hm=-ivwRLSGQHSDP7fUxFzD7A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiINqzdAzQ&google_hm=-ivwRLSGQHSDP7fUxFzD7A==
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT1igQPJFDUJ8FohT80PiKH_91MAR9xXWyqgsuS-iTjs77ZRiG2BqgZTTspu_LGE4zIOdgcCfA3EqI7TTCpofiINqzdAzQ&google_hm=-ivwRLSGQHSDP7fUxFzD7A==
Date
Tue, 19 Dec 2023 10:34:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAiH90yXvEcOVmm_7_8PACI&google_cver=1&google_push=AXcoOmTGjI12wPvsqlyHQ712dmdUZulTXetiSay7oi3itbRxYIXoDcvwmjHqy--4qr2_6rOeM4_7kkECJmms...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGjI12wPvsqlyHQ712dmdUZulTXetiSay7oi3itbRxYIXoDcvwmjHqy--4qr2_6rOeM4_7kkECJmmsxAS-47qydSsm6A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGjI12wPvsqlyHQ712dmdUZulTXetiSay7oi3itbRxYIXoDcvwmjHqy--4qr2_6rOeM4_7kkECJmmsxAS-47qydSsm6A
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGjI12wPvsqlyHQ712dmdUZulTXetiSay7oi3itbRxYIXoDcvwmjHqy--4qr2_6rOeM4_7kkECJmmsxAS-47qydSsm6A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEGZLP0G6uM54y2PW_hIaFdk&google_cver=1&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-6f83pJ2XamzJtfdOngFAzr03MVcoFggET41vASkibg&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz...
  • https://cm.g.doubleclick.net/pixel?google_hm=W98g83brqzlmPXLktsuv&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0&google_nid=inmobi_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=W98g83brqzlmPXLktsuv&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0&google_nid=inmobi_new_eb
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=W98g83brqzlmPXLktsuv&google_push=AXcoOmTz8zQLwcEmPC6NADc5vJsetJF08VxssLIOjn3MS4K3TcLZ7e_FF-3K8felFpraf3hrfmWnjpNJFShoJc-6fJrz9eKHReJ0&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
225
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 887C
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEKOaLep6fhWCdX0si0Fe4Q8&google_cver=1&google_push=AXcoOmRd3HiuxFw-5u_2Hh5IyLnhObyQry3wkf_ldfKQ07MkBN_ZKxoW7fKBhoV5I15l4ji0W_V92TUDhg9A9ujNLtbsy...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRd3HiuxFw-5u_2Hh5IyLnhObyQry3wkf_ldfKQ07MkBN_ZKxoW7fKBhoV5I15l4ji0W_V92TUDhg9A9ujNLtbsy9onEGqz&google_hm=f5ef61caa8989b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRd3HiuxFw-5u_2Hh5IyLnhObyQry3wkf_ldfKQ07MkBN_ZKxoW7fKBhoV5I15l4ji0W_V92TUDhg9A9ujNLtbsy9onEGqz&google_hm=f5ef61caa8989bd923yo3f00lqc7k2fp
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 19 Dec 2023 10:34:34 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRd3HiuxFw-5u_2Hh5IyLnhObyQry3wkf_ldfKQ07MkBN_ZKxoW7fKBhoV5I15l4ji0W_V92TUDhg9A9ujNLtbsy9onEGqz&google_hm=f5ef61caa8989bd923yo3f00lqc7k2fp
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame 887C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEjcyC8jzJgCaqd0uxYayY10M6c0IQiM2ZHJo96llgMhU0nm27c3tAFqw1x5BjhDc4qAXl5uI
Requested by
Host: 96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
URL: https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 64BB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OT5c3Q
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ftUtils.js
ajs-assets.ftstatic.com/ Frame B5AA 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115752;7998036;201;jsappend;DV360;DV360FY24AcrobatRTRAcrobatCustomListJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=376805.4257926705&ft_dv=%5B%25ft_dv%25%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-78.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10707c1987c2d6abacf5140d5c82d73f302fd8dcd1091bb2c6f1f30ebe7b321e

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 13:30:13 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.2), 1.1 e8cc67dac801883a467c565f16878d92.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
75860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26266
last-modified
Wed, 25 Oct 2023 13:28:37 GMT
server
AmazonS3
etag
W/"9854f5d95c23f23d3d344dcd83f89d38"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=86400
x-varnish
1036965317 1035375932
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
e6Fzjs_aAxOrdb6EjHuVkboOboqFpwxk_Jm1eHIxiBnsJVB60H0ZFw==
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame D973 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 13:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
247374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 13:51:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCZZQai-1AJCCUpqarvpreZknEtIDcfqaFHdgrWwwQNegi82LBgCP2y4JDuCWTxbCColjbGNfxfXaHh9OTyBsozV_VmThHjgN2oAJABL8SNHwmzmXb-atJg3BPMqpa0Z1VFF-XoE4av1lP5harU2z3BKKUL1cL_3CUAGUk9qjR3cstnmYM_AiST087Z07Pnxi6BiU81nlVJcynZpib6rh7jM0d992Mue1FlPDoHH3kj9pWCGXVGR6AG_iyvU4cwL3_BKOKFCUqHQlWNCBJi8WfoT7jJJcwr3r4nMMHiXVn2hoZl-E-npyD3ehPK8QRvjJrQ0vQv24SUG-h_xbmxE_5fc5IDJ3uaHvyWvi-saVHtZoD0CcqyZBmYrtw7CHUgbtHaonYgtWKu301_ipGcecmKqVy&sai=AMfl-YTaKGPebO-kvWJYzpX-1Tah_0TdhkqEQ2TOFbhUcOCkgDRzINJAtMkSowVOizWHuaO-wVrrT7-S0zxD5w9ivwoUOV0ZdZQW1AdZ5PryDHlfyBl7t_YsJs-SuVHSjVI&sig=Cg0ArKJSzGC07lOJajNREAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:33 GMT
3502511.json
agen-assets.ftstatic.com/display/7998036/ Frame B5AA 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://agen-assets.ftstatic.com/display/7998036/3502511.json
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.183.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-183-98.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bd354fbba337f6185fae125fb1a2623f0ffdcd2d18e42b665296a5ea4d0d72c

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:22 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.2), 1.1 92fbfdc831b82255e0f463db9398ed78.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C4
age
22
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 12 Dec 2023 08:45:21 GMT
server
AmazonS3
etag
W/"33f7e1cb5284a03019207383f533a5db"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=30
x-varnish
1022878267
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
uIpqivzSwRvh0Fv424YEWvjUicPmbB4zUNQ4f6MQIuYrogLRD2eHfQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D973 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bex3XuXGBZYOkL5rM7OsPvbiroAMAAAAAOAHgBAI&bg=!fn2lfTLNAAa0LlnulC47ADQBe5WfOEpuWlR0-scddnTvokZJeZeWyLZ6uCwiRKZ2wYHhW0MN8SHITNosxKPTwROWB7JbAgAAAFRSAAAABWgBB5kDfl8m6jWOCj_a8U4UTFPCjXPS4wiDX-Rf5r0HW6swNI3I8ZKCvELAk5PNV0s4l6ftKtYJ06nUPvblxw16UzG3yT6ZOBbVEf3NV6h9r657KyeA85Pftx7sA6VTGW0XHcAUWuhhCU20MciaxJuWit0hE8CJYlAX8YclIForDW_ZLWSAry0VLw-DEPYnzHT1w6LH4EWYISqy-jGaFDhSpT4x8NVxDaE3Qxk6afFHgdrGIgBjxB_vWqgHekNN62jyP3ptsl0HQj13kY8dyzHJQBOSIu8_Fh9MchP2j1TQgs3uqX2k3u0pC0OOioTIhT0WaCF0Xmyy_yG53-dx_sZg0lCCeioaQ5BszhR3qJnH1xqeHDCQCdsGyvS0dPpZZooqQpbar428IM0IeIRPYBHh1QBQm96DSkX634jy1FboBhf5kbP-SwA25Q8BNY_iUBX2FSWGdwY5DGX4x3MaQacqpldrcP6wYaz_fQa2RdKbS1uLFnnzCsc8U7q8jEWxHjoel3PxuRfRd_w2zZirQUxx8INmejQI44TwjcuP6WXaBKdaDMI4xqMeVUCtcjSgl6GM_FRF886pP3oS_J55_3JVdWGccnXISWGoTEgFVofOaSqjHiStFvRlsGlgk0uSV0LH-siHIZTyjlWF9MQOGwE1hk4rHYF466HK700kl0Sibq3yOB0kaZAC_0z1AVq9I3NW6lRWfTKSTy9AKmenEZyuirQ0BVWF5-i2_LHerC6uJwIKCUlQPW-Mpp0aBDCbbZ_VJBGidBpgmzMhda5BErGhqADX-LdF4F8IGqX9faDI4RmDvGsEQ2doFMg6gWPkU-46IVIg-ajIlzY_iXp6pF98cfY0FeSnT2JnA3JC_y4fEoffP86pUwUsgOpJK8lpMxsEo1WiSqMJMlv0Uf_7DdCH3kzE2jUmf01pQuslvbT3YpJBSjtzwr-dL2kiWuD4EKEEprna8IbhntYdbr7JlGutcJSoKtZoBIt6EfOa7z3dbIR-wZZPSkK-ToWPxeI8v9AAie5fHLA7hx7EBiFrNJwl2ERFSHDFKF0VUm2cTTkxFpSvLkGTW2a3bdK31uj_0_cT-TUJc5kdtRmGXYyiFl2RilHAWoM6DNefslGvuIuoOFI_ArIdCFoAmmG1yae6UjYbXdUN4HaRQqr6EwBtsqcy1y1pkqad_9Nfm5rH8C2m13fDIw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3260 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudj9o1PFc1nlMsirxyLj3yENzjfyewNBvCbjqEVT-mvkf0khNLgTq6k80R-566plYQhKsHs8mtgXedQ9P7nti34KAT_zFnNFnkHIwFOFKxfsqxFFPRg7DSIi0cGKRwBP_zhPHVSrWtXACXWRg8K4kyxF3ZjTg1UR9UfzN1mV8eV58mhF1xDRzGSiwEfe9aEU1dDa_V7bHZ3l_mR9ivgJ5289ux1vnxLTv6L4Y8Y2D3Jju-hNEwSRZmpnO5nr4AS7zlvPQIzLRTfD9VXCc7oCcp7fQtPaaCZ63SQkqJH_kZlLBypgP84j2PCsQTIPmC4k9Z1HY8guUpo9CmgG1EiMVxckeIs0QJ8nqM7xv_BMtW1vHx2CcecsMkEJznKLBQ_C1Ur0UTBp0mdGB0tnXMUiOxxg&sai=AMfl-YTDxVHvyVt0-GtEhYcZgzO5zyWZ2TPJaHSq2f434EvusyV7Spv2eJ5glETSG317xLGUGz_c60jKnxcwyA1Qx7WBJvrFWROJlV4UjdbEguHiUEolWADchTCSf069Mb8&sig=Cg0ArKJSzCrhk9pPjz3rEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 3260 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
xbZiDQiKu6oTsCtPxmE1uYKZDhrH71l-Hac4Z0Mru2V8ck7XLVfd1Q==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3260 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:34 GMT
d9core
d9.flashtalking.com/ Frame B5AA 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.150.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-150-138.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
25b302d03c63d0aefbf9146bdae56e279c74730a881d474fae50de0283ad3fcb

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:33 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
dvtp_src.js
cdn.doubleverify.com/ Frame B5AA 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115752&sid=18330&plc=7998036&num=&adid=&advid=&adsrv=29&btreg=7998036&btadsrv=flashtalking&crt=3502511&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD&auevent=[%ft_dv%]&36784783
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:e::b81d:8cd4 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
af0be405379be94a32ae12315afeb948ebfac6a014b6e223df5d69ddf1cfd0e8

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 15:39:26 GMT
Server
UploadServer
ETag
"8d1408cbd1feb73b884d15102a7fec43"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3637
Expires
Tue, 19 Dec 2023 10:49:34 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame B5AA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
Server
Flashtalking (AKA)
ETag
W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
691899558 682345918
Content-Type
application/javascript
Cache-Control
max-age=84182
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5545
Expires
Wed, 20 Dec 2023 09:57:36 GMT
FY21Q3_DC_AcrobatDC_AcrobatDC_jp_ja_ConversionOffice-LPB_ST_300x250.png
cdn.flashtalking.com/116351/3502511/ Frame B5AA 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/116351/3502511/FY21Q3_DC_AcrobatDC_AcrobatDC_jp_ja_ConversionOffice-LPB_ST_300x250.png?609810306
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
69b2eb9985d5a303880bb7ac718a098a620d5f5fede854cdb9fc4f9ebe7a4468

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:34 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
42713
Last-Modified
Thu, 01 Jul 2021 22:54:26 GMT
Server
Flashtalking (AKA)
ETag
W/"ef6d1d7b6a63fcb7f4e1c75a2c89bcd6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=988
X-Varnish
960105020 959556670
Accept-Ranges
bytes
Expires
Tue, 19 Dec 2023 10:51:02 GMT
iconc.png
cdn.flashtalking.com/oba/icon/ Frame B5AA 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:34 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
535994354 451128532
Content-Type
image/png
Cache-Control
max-age=722411
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Wed, 27 Dec 2023 19:14:45 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 6E5B 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
37
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
IO-2q9K9xNR1vzWlic1LKgWsJXx3pVdHIjRCX6G7OhYTS0WY4XR6Wg==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame F288 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
MhieZrkF6s9o32K-FwhbIA3DtM5AeKGDHgM_WZ3Xv3hO3vXU9L6FaQ==
/
cm.lndata.com/ Frame 6E5B 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:34 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 6E5B 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 6E5B 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 6E5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
age
2
x-guploader-uploadid
ABPtcProGPGCaBOVG6ACWJjtUZ2S39p0ZQvbDgTLxT5lzmifmUw4f8vw4LF_pjT4Vv_uoAfGigUlbey-o7102eqkEkWv-aEWDg16
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame F288 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame F288 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
33
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
Va19IXz5v0ZKVKHrFJtKZ0VvrAoyd3jtXyRaZuWfeirwdyI8zrE40g==
dv-measurements5158.js
cdn.doubleverify.com/ Frame 5476 		424 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements5158.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:e::b81d:8cd4 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ce1256d7c2c3f7e595a3a45f76896958ea1a2e5330a0c30477f39dce769d41b4

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Dec 2023 14:13:49 GMT
Server
UploadServer
ETag
"68fadb2c62db5f75dae6a51ad8cd09d7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102638
Expires
Wed, 18 Dec 2024 10:34:34 GMT
ads.js
ad.holmesmind.com/adserver/ Frame F288 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=237&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2d42828724b419076c49f2f79617e9ff578e5c605f527e53d56a2d1ee6074c9d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame F288 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
8uNsMkuMUhlBb4_C65fDtz5lvQDi6O3g7_8XaDKdZTMSXhCmtIwe2w==
publishertag.js
static.criteo.net/js/ld/ Frame F288 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:34 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame F288 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
37
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
mLlByYJfVCtNjK1PY9PrL877e77SRzpGBn3-MhX6hAAbzQo0c_kWIw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame F288 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
8bLw0xozE3arlkNyUnNdiZj3fzBSB5CSfjflSSZ89KmNPyJ7XqrXfQ==
appierV2.js
cdn.holmesmind.com/js/ Frame F288 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
19
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
h3DueMso5n4DxogpEZSXhI98xw-9p-rK_b5ZIz0YsWV5MPaaQWzx3g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame F288 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
32
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
1cP13gUv6vAob0Fz3RRUwn938rr5RKtwfZohqDrgg1aDqh9kzqCCkQ==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame F288 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:34 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame F288 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8733817269661446
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
ec588d73d8d3b6717a12d44a598a96f57b07d5f6294c5524b89cd305d995ade2

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:33 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
truncated
/ Frame 3260 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
331c345785b38fa659cf2625e392e2103b1d0b19d8651fd036b5d5d0e46074e6

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
bid
ad2.apx.appier.net/v1/prebid/ Frame F288
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:34 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F288
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:34 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
visit.js
tps.doubleverify.com/ Frame 5476 		729 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=53&ttfrms=25&brid=3&brver=120.0.6099.109&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauhefd_623_4haadg4_eg27bhc3ee__hah%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BA&srcurlD=5&aUrlD=5&ssl=https:&dfs=546&ddur=25&uid=1702982074239432&jsCallback=dvCallback_1702982074239199&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5158&tgjsver=5158&lvvn=28&m1=13&refD=6&referrer=https%3A%2F%2F96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&fcifrms=10&brh=3&dvp_epl=389&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115752&sid=18330&plc=7998036&crt=3502511&btreg=7998036&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&auevent=[%ft_dv%]&mib=0&dvp_ftimpid=B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=138628427.31082535&ee_dp_sukv=138628427.31082535&dvp_tukv=821995972554.4207&ee_dp_tukv=821995972554.4207&dvp_tuid=673730951497&jurtd=4149788566
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5158.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c29730e2d866cb3e4fd29e72864d8dc8b2bf1e1924ae66aa908f5ef3f0872c66

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:34 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
12/18/2023 10:34:34
drawV2.js
cdn.holmesmind.com/js/ Frame F288 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=237&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
50
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
-Wq88mn_eR9pT66OCC6xarBfJsxrnVDrj0nhmnCOkf7Pf6JDjycC4w==
/
ad-events.flashtalking.com/state/7998036;3502511;0;271;B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD/ Frame B5AA 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7998036;3502511;0;271;B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD/?cachebuster=275383724
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.107.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-107-100.ap-southeast-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame B5AA 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7998036;3502511;0-304-0-0-590022690
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:34 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Tue, 19 Dec 2023 10:34:34 GMT
utag.js
t.ssp.hinet.net/ Frame F288 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:34 GMT
cdb
bidder.criteo.com/ Frame F288 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNVptUVR4b0huWWxjblJiaFpneG01NWl6T2gwYWQlMkJpYXdUaUdMRXZUaXdGWU1qcWhDTTMlMkZ0YnNQbzklMkIyaDhKRHZzQkxJaXVXYkJCYU4xRmUxYnZpZUtQTlBCeTclMkZCYVlBJTNEJTNE&cb=28688494886
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
lgc
d9.flashtalking.com/ Frame B5AA 		103 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.150.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-150-138.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
33e447c54781f2c76bc0526302b3b5e306bda7b2f48437992ed45480ddd9706d

Request headers

Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 19 Dec 2023 10:34:34 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
103
ft.stat
stat.flashtalking.com/reportV3/ Frame B5AA 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7998036;3502511;0-306-0-0-906523373
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:34 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Tue, 19 Dec 2023 10:34:34 GMT
pixel.gif
static.criteo.net/images/ Frame F288 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:34 GMT
pixel.gif
static.criteo.net/images/ Frame F288 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:34 GMT
events
bidder.criteo.com/csm/ Frame F288 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 12CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2243354471740373&bg=!0tGl0Z7NAAY3kmNgF5I7ADQBe5WfOBkGWmBkYGg3DTKj3UT3Dm8SO0PA90XY7QtSvyz5127IiP4mkPsV_Qej6SlmxrdtAgAAAIZSAAAADGgBB5kDNvaNL78qIyRAThvQWPBy9XYqWWhXfbkHSr8-f9F0mNYMkT7uoUs0KA-zQUje-1K7skA0G_jV4G8j3a2Ev2wyghli5_RFy3T0J0qmk3qGi4AN_WApIJ9YZlbVmxFf-ppYQGPbwNNOV23NaOkyKUiLpZuoAq6SqIfmZnZViEFiCmp9wS-lb6Jh4jFEJ_0x4bTzmJ1XSPkAXuF364l-_CAPCK77HIlb-iZj1xkaec66TjCO9SAGEl4xDuch-hvyK5AlsY4sdTgE_JoNEHWRq9NAZdGAqBxYxJWCbZwkDxxzoOUZIKzAny6SA5O_bl0igthrmWOKxSqLlD0DJ9k0IsOWQXSk6nImfyETDuwF1GN9MiRuZQyIprME2vSJ3W407mFN2J7wmfdy3QtJrsnzpq36z5xrgatXLV3gy-M4KVT-X9j_gbDyANMeZsl1VoiBArv1NKUEQgEKjULzDU39YFyHvAh8uVl2cInMD3GMFcG0NyLXB4GDFa6EWwhJZgLBi9TwmHe8NAmlsR-hxesTpzonufhlBqwY-pTtgtAG5V2Y7iyR1huzMRhxxXOkMIObqXbyQujVeWF4_ALSNXnAC5tN6UoxWYhlwxXTHzQbFcuSUuQTMtMgRhytnUBP3VyCKykw0tUYM4v3MrR8Dl8UfjKfZG52iYCK0mbZpejj3o9OHDYUoCzZ3AeJiaj6g1p9V72T3-4jjEx298ik9wfmdRTLULQlSajUgkpTZ64YBTKjSH7JNmGSdDKl0ouBSRKJIkA1J8E9mVp_8uoH8mxJbigvIeK9Uovxkqk4lUrSSjUtfm-KansmnzKvh9rWeF4j2FDBcl9f-8fLMUgBTjbHaSWBpIxYY7IEH7jUF3WCELFe45H34gZNrAR-wSRjz5mGPCqpCDXVvuI6xhNCZS5rR3NGUdcZRnPcVMhchDjX9u9PdJzJQ6BsErklAyhegF7Bf-oG-F9UMR_zfYaBkRIro8nKLilsOJvQwHBdc-HBw-eJD7yxQq05nKcC5-6m9P7ZHGEkdfI2cmtevWBe1o0tdM8vF5ui4Y6A0rt9W6Y8HaM06wsPVdVokoEJWx-Ts3sciKLLKDfLk6ywCg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
/
servedby.flashtalking.com/state/7998036;3502511;0;401;B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD/ Frame B5AA 		42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/7998036;3502511;0;401;B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD/?ft_data=d9:3f545f37c20a40adaa69959752da3b18;d9s:3f545f37c20a40adaa69959752da3b18&cachebuster=63955358
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.112.238 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-112-238.deploy.static.akamaitechnologies.com
Software
prod-xre-app17.tky11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:34 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app17.tky11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Tue, 19 Dec 2023 10:34:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3260 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJDlE-2JyDO1ClcBq7W1Qr9m9dVPXDnYH0y_jeWfP2ThsoKMHwt0TBSz3nnP-vi4SdNbeT4GNTQonIBiF-Bfs4xN2QqMpnUOU1FMMLI8C43ILgCDRvq8FGwNLz-5fLsZHw0BBvOQor8IROJJCDVwPqBOgBtRc5SvQYzaTc7DeYBFAivwWM7USrOsUERSGfRiDKbcQ-wZJlspbknroxmYC13nWe5pUzM7OrhqLJFW9YHkuQ1p3xNJ9F2HM_XvaL9qXN2-IdVfcpkW7O68e3P-vUlH-RFRVq3qlKWd_4tY_jz__Aladn9_A0p5WMKMDnXGD0tApr5JDlFDLba2H_l3-aFWpQx93XCyEjzBhG6sXBZyfcoXVJkagbsya1vOxa9DvAUuTOcfOLNuve1WpNpSgww6-V&sai=AMfl-YTN2w51FXGgX5kzPIej14Qem74zCgaaUq8Kc4HV_wXWUAuxUWCJpgvIXsARTtXNFAMhwiERIKUxsbw6FRIBNJn2SAvglxgQzGZ8D_1wLgmf9RSQ-RzNy4-9-z5GD3U&sig=Cg0ArKJSzAcUlbLQqjRqEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 28C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGsOfOhYHHnjSSF9tk_pA1eomddzjM8MBjZ7nrqkfftAMfDOC3kUjI7HRYS4i1jvWdn8Si13hIVeBkjpzvSwwfRn1Itb_2oHOdZRI-9n9NbEDA905n3D8zcQmyuolED8VitxmbQndQgsq4CBXCmSRLwNSH4Dr22a9W2NMzQTLpBg7u2jjgXf_iA3UcGScT2wVmLfKYiQNgIP_pMIVrogTsUHUQhRYU3ufapUmIapiHSGc6MiDtrh2wYCbnkJ1RhdUBnYd1QEQY05EZ2RumYBbD6xZxRmgfGz3CBEyGlfpnEvLPPQMARkTltBjbjHV43aBXSgO-F33xoyCCsm9i7Hd4hzIhggUB5yAY8DvTCUG_Feqng_9lAuXx-kpVkuXnXOf2QDAyFSRDOJwzwA&sai=AMfl-YSTuIdtpsQwOPXFSDCWDdo_tm4rQPG6DNJLimSRjSCt20DwXM3GqmBA7eYOKUBskCDlLNNyZyOsoAvWMr_ScHHiFEDIyNn1jPdzB4GYHBs01kAS72w3SaY_jnkDFIxYUtXu97XUICgjton9sK8-8f5-&sig=Cg0ArKJSzPC9wxPnEqLzEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI2NKiR0PqIqSdIhO-xtP2apUBpPOEiWWMPUl4y8S3SlbgXyFJvU6v6BuconBtlKIjXJsUVrk7QEq3Di_TPTgzcBxbtjuXAKwA4MZAUwBwhh5TISfAUk7w7ZG4z1h-wfosGXbMpRLdrICMkzKb6p-wHxko32ZWdm92fVQrG2KLvE-b-JWUmNCzcvLK9JIVXB846OPH-cglAs3VN4p56QrZioWpcL60VHFI3h2KyrzL3j5__OIJ61DKt2Af8JlHddwFUf9blvjIS26_CnvbqIXuxCgBWDjvgEYXRVhxgeEQkHOHO-R5Q0UQ4hTFRQiG7tZlvWgAqakhf7BV3BRTRtNoFKoJVYP4g7zFGvzuS70T-ZebLrBu4lYKC2pMU0kRc8sjLbBn5wso4TD6QQ&sai=AMfl-YQjGIpKglO-kNpp0IZcaDcBtFLAesl9yPka3aTNLrxxdmCQWRNaCaU3WtEoZXEWJBC5Z4xpY4KHW-J5X4k-kk2JNPKkA7KNSd3lDbtRJOdEWf1ZLFEGcRzcyD52hQkxjwZIF1qpuydmFOxymsBKgN_Y&sig=Cg0ArKJSzMqgDObbTft1EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b5a248d9866b5b7819700a9ca95583f7e1e17e0bd5a4667ec4bbdbfee48406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12319
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7F97 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:34 GMT
server
Kestrel
server-processing-duration-in-ticks
1014393
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
syncframe
gum.criteo.com/ Frame C80C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
server
Kestrel
server-processing-duration-in-ticks
984113
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
syncframe
gum.criteo.com/ Frame 3A1A 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:34 GMT
server
Kestrel
server-processing-duration-in-ticks
864591
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
syncframe
gum.criteo.com/ Frame A5A8 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:33 GMT
server
Kestrel
server-processing-duration-in-ticks
1111356
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
syncframe
gum.criteo.com/ Frame E7A2 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:34 GMT
server
Kestrel
server-processing-duration-in-ticks
1029462
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 217B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3F9C 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2c56661ccae843bfd50f6f5326b1ee7ae8c6d0df1d95889522f23466f1d7825
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cNs1TMRfGrP9gqAzQ9eD5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cNs1TMRfGrP9gqAzQ9eD5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:34 GMT
expires
Tue, 19 Dec 2023 10:34:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 217B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
sid
mug.criteo.com/ Frame 7F97
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNV...
  • https://mug.criteo.com/sid?cpp=G5XZNHxBdTZRc3NLaHQwMEVyaDZsNTdSZjJYOXNXalBCK1ZKNzRuWXJMK3BTUHhoTEtiTDFMcWFNOHcyejlycWtoVmpGbzNlY0IwYTFHc3Y3d09FNGp6ZVU4U2MzL2JPZWQ3dTFjemk2N3RPTHlnNXNVeFN6V3hNUVFZWU...
419 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=G5XZNHxBdTZRc3NLaHQwMEVyaDZsNTdSZjJYOXNXalBCK1ZKNzRuWXJMK3BTUHhoTEtiTDFMcWFNOHcyejlycWtoVmpGbzNlY0IwYTFHc3Y3d09FNGp6ZVU4U2MzL2JPZWQ3dTFjemk2N3RPTHlnNXNVeFN6V3hNUVFZWUdoL0JuK3BjL25weEpBTUhaazNKU2U2ZDNEU2dmcmp6MlRSdmd5TXlXZVNrN3F2NUdna2w4R2MzU3Y2czR0UDEyYVBNS0NWTk96TW41ZzZxaytLRTFHeU5JdmZsTWxSaFlFeS91bWNtbTBmNi9ZSWVLK2hSNUF6QWYrdlc4WHhTem90N0xoNzRXRytNQ2t4cXJSVFdJajBwQWc1NkxzVWNsbncrOU12SEx1aG83bW1MeTRlaz18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bc8e876f8833abc8dd098a57086fe9b75f2e5e5d5a7e82f23901a64a0a3c64fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1019031
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=G5XZNHxBdTZRc3NLaHQwMEVyaDZsNTdSZjJYOXNXalBCK1ZKNzRuWXJMK3BTUHhoTEtiTDFMcWFNOHcyejlycWtoVmpGbzNlY0IwYTFHc3Y3d09FNGp6ZVU4U2MzL2JPZWQ3dTFjemk2N3RPTHlnNXNVeFN6V3hNUVFZWUdoL0JuK3BjL25weEpBTUhaazNKU2U2ZDNEU2dmcmp6MlRSdmd5TXlXZVNrN3F2NUdna2w4R2MzU3Y2czR0UDEyYVBNS0NWTk96TW41ZzZxaytLRTFHeU5JdmZsTWxSaFlFeS91bWNtbTBmNi9ZSWVLK2hSNUF6QWYrdlc4WHhTem90N0xoNzRXRytNQ2t4cXJSVFdJajBwQWc1NkxzVWNsbncrOU12SEx1aG83bW1MeTRlaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
342193
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B5AA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut060dW0tMUc8D0IO8a2Num7ljQYXOU588icjFrGZjtDAMCWvDb2esVWl47snOafByU29ueq-IXvcHM5t0RNFhqJlJ_6XPa6dyVb2LTZF5SCIg9WXs3Pby8zHtjlY06_f6jL63ciKPgfp3PqJk-AAGPick&sai=AMfl-YQEwJ6GzH9j4JcxaeMipvjgawYDBn1HyeBDOgi7BXdxubQGLzYeNQhGt0rFcnV392GBCgelxZ7djN3swNx2xu_JnrO73qQZWkjEHSKTc-GAUkySbpe0cyX-v1Et&sig=Cg0ArKJSzOgP6Glfg1xWEAE&cid=CAQSPAAvHhf_ka6Ot8PKVYeU0wJjLHi_SfdOgVmK9L3BZMrFtOKTv7xGGmi87ye3uw-0nodaZApYWGS1f8CDURgB&id=lidar2&mcvt=1020&p=108,1030,358,1330&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2033195636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982073593&rpt=271&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame C80C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNV...
  • https://mug.criteo.com/sid?cpp=S3o9Mnw1MTd2M0FQbWVyaHJyNzBad0hrM28zaEZ5VWRSTVdQTWE2UGp4NEtVTmVUUVV0aDFPYlFCM050OGdtQ3VLN3VBWjJHcjBwQi92YkdzbHlTOUw0UWJkeUhtK25BanBSRllORXlDR0orUzhjUmZZWnZUd2piVDJMdT...
430 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=S3o9Mnw1MTd2M0FQbWVyaHJyNzBad0hrM28zaEZ5VWRSTVdQTWE2UGp4NEtVTmVUUVV0aDFPYlFCM050OGdtQ3VLN3VBWjJHcjBwQi92YkdzbHlTOUw0UWJkeUhtK25BanBSRllORXlDR0orUzhjUmZZWnZUd2piVDJMdTVRMVpMUmNmUzdZdmlkQlJoV2ltdHdyUE1yM296V3k2cVhkNzRGb1k1QmFrRUY0VG9hWTBQWnQ1S1ZGVUF5YXYzRTkzbkEvbm1Wd3c3YXhuZHhMbVJ1d2NjYUN5bnRFYk54MStuUG5GdFptSElzV3FPUmRWWkxBQUFJY0VMa3MrNkxmVXFDL2hxNkJ1MUtNc1dSNzE3ejNQT2haRktyWGw2Q1RaY1NUNzJjYlBsQ0VkQUpSWT18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7db2c5e729ac2b09b0b1fb3174bd014d519a46ccdf162b6c95cc99777d0b982f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
989536
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=S3o9Mnw1MTd2M0FQbWVyaHJyNzBad0hrM28zaEZ5VWRSTVdQTWE2UGp4NEtVTmVUUVV0aDFPYlFCM050OGdtQ3VLN3VBWjJHcjBwQi92YkdzbHlTOUw0UWJkeUhtK25BanBSRllORXlDR0orUzhjUmZZWnZUd2piVDJMdTVRMVpMUmNmUzdZdmlkQlJoV2ltdHdyUE1yM296V3k2cVhkNzRGb1k1QmFrRUY0VG9hWTBQWnQ1S1ZGVUF5YXYzRTkzbkEvbm1Wd3c3YXhuZHhMbVJ1d2NjYUN5bnRFYk54MStuUG5GdFptSElzV3FPUmRWWkxBQUFJY0VMa3MrNkxmVXFDL2hxNkJ1MUtNc1dSNzE3ejNQT2haRktyWGw2Q1RaY1NUNzJjYlBsQ0VkQUpSWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
305283
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3988352298556606&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 3A1A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNV...
  • https://mug.criteo.com/sid?cpp=Wrb1KXxQYlV2MlhCYU9RMS9HOEM4WG1hSWxQWkxJL3BnRGFDcTRHQVBhYnkzN1Fud0VOWDV4QWRERUplb3BBd2p2ZjdzOTh0blozUUE4dHNyK2JJOFVDUGtrMkJIQk1nVzJ1OFRHUEpMUytGRit3QWhDVnRVdWRUc1NadX...
433 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Wrb1KXxQYlV2MlhCYU9RMS9HOEM4WG1hSWxQWkxJL3BnRGFDcTRHQVBhYnkzN1Fud0VOWDV4QWRERUplb3BBd2p2ZjdzOTh0blozUUE4dHNyK2JJOFVDUGtrMkJIQk1nVzJ1OFRHUEpMUytGRit3QWhDVnRVdWRUc1NadXUvUXJDZm5KSXNTenozZGt3QWhwd3AvMVRQSUUvSHJjajNGK0VhNVZMS1ZtaTR2bjR0YTliRGsyTkFyVFc0U29kQnM3czVHOWY5UkYyZTk2bUZiRDJHSi8yenkwYzlaeThRNGNCU3lPMU1nbjl0eG1ETmJpL2lucGJUQ1FndXpGdGlUdm5MSDE1MXJhKy9Ua05FbzJSOEcwVjNkVEMzcUNxNzZnQWpoNkU5N3E4Ti9CUnIzaz18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c5edf622ec05e0b57957cb3073bd2b422a535234b26e9d6697f2cda4fd1e747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
914684
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Wrb1KXxQYlV2MlhCYU9RMS9HOEM4WG1hSWxQWkxJL3BnRGFDcTRHQVBhYnkzN1Fud0VOWDV4QWRERUplb3BBd2p2ZjdzOTh0blozUUE4dHNyK2JJOFVDUGtrMkJIQk1nVzJ1OFRHUEpMUytGRit3QWhDVnRVdWRUc1NadXUvUXJDZm5KSXNTenozZGt3QWhwd3AvMVRQSUUvSHJjajNGK0VhNVZMS1ZtaTR2bjR0YTliRGsyTkFyVFc0U29kQnM3czVHOWY5UkYyZTk2bUZiRDJHSi8yenkwYzlaeThRNGNCU3lPMU1nbjl0eG1ETmJpL2lucGJUQ1FndXpGdGlUdm5MSDE1MXJhKy9Ua05FbzJSOEcwVjNkVEMzcUNxNzZnQWpoNkU5N3E4Ti9CUnIzaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
351710
content-length
0
expires
0
sid
mug.criteo.com/ Frame A5A8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNV...
  • https://mug.criteo.com/sid?cpp=wFwZ23xrRitYZW0zclJ0ajVzOGpvVWpVR1k0TjRBNndvRHRMbHhIeE5DS1A5RFZTd05IT3hxcStQM3RZWk9DaEVrSTVhUFkzbW0zeFI5WEZLWkZGK292UzlzK1pRTENITGtNVFFZRFpHWXpTZWVWMnBrTkpFUGxKcDhWaE...
444 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wFwZ23xrRitYZW0zclJ0ajVzOGpvVWpVR1k0TjRBNndvRHRMbHhIeE5DS1A5RFZTd05IT3hxcStQM3RZWk9DaEVrSTVhUFkzbW0zeFI5WEZLWkZGK292UzlzK1pRTENITGtNVFFZRFpHWXpTZWVWMnBrTkpFUGxKcDhWaE8rMWxDUVB2OWJPVE5zQW1iSmhwY2g4cXVWdERjTUphcmtvMGszU3ZtbFZQSXBNZFpya1IyVWxmYkpoTy9ScVdoRkxuZ1hEMi92U2xGSlVBYmU1NmJVMUQyWG5pRWgvVGtoTGplVklJeWZvWVJSSk5WQXJXWFgzUzBPWUN1eUlaamxpZEF0eDB4ZVgxdk9LV2I5UExlYlZyclBlSWtmOENXSXd0U01uK3d5bG9ER25McENwaz18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ce741e77e5ee21643105b09f3518a62eaa91cab275d4a35522033f2537ba7d79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
807667
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=wFwZ23xrRitYZW0zclJ0ajVzOGpvVWpVR1k0TjRBNndvRHRMbHhIeE5DS1A5RFZTd05IT3hxcStQM3RZWk9DaEVrSTVhUFkzbW0zeFI5WEZLWkZGK292UzlzK1pRTENITGtNVFFZRFpHWXpTZWVWMnBrTkpFUGxKcDhWaE8rMWxDUVB2OWJPVE5zQW1iSmhwY2g4cXVWdERjTUphcmtvMGszU3ZtbFZQSXBNZFpya1IyVWxmYkpoTy9ScVdoRkxuZ1hEMi92U2xGSlVBYmU1NmJVMUQyWG5pRWgvVGtoTGplVklJeWZvWVJSSk5WQXJXWFgzUzBPWUN1eUlaamxpZEF0eDB4ZVgxdk9LV2I5UExlYlZyclBlSWtmOENXSXd0U01uK3d5bG9ER25McENwaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
380341
content-length
0
expires
0
generate_204
tpc.googlesyndication.com/ Frame 217B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nL6hBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3608 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3afc4ceef9700105019a5f3a68a164484c207914071ef0f2d7858d82a6314a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
492 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:35 GMT
sid
mug.criteo.com/ Frame E7A2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pTpWF196aHVBOWtzdlJnNHJudTdlMjNSWml5bHRlUU9UOGZrNmpxTGVPJTJGOENSMWttQk5XZk1kQVlUNV...
  • https://mug.criteo.com/sid?cpp=EJ9V4Xx6MFFabS9KSU1aNDdoNkNtUWt2aW9xZys4VCs1NElOcEQ3T3BqTWo0N0F1TDB4ejFYV1lpV0ZWLzMwSTlLSGt2RWhaWFZ4RHFSdUo2U3AyTzRiRkVnc3kycG4rd3RYZGNndFZ0OG02VU1GM2J5a1RJWEE4L1F1bE...
433 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EJ9V4Xx6MFFabS9KSU1aNDdoNkNtUWt2aW9xZys4VCs1NElOcEQ3T3BqTWo0N0F1TDB4ejFYV1lpV0ZWLzMwSTlLSGt2RWhaWFZ4RHFSdUo2U3AyTzRiRkVnc3kycG4rd3RYZGNndFZ0OG02VU1GM2J5a1RJWEE4L1F1bE1CVHNoa3ArN1pXdGZ0czRlWnVpK1VoQ3o5WkpkaFVBbW8rZlVoWUhzOWg2SkVETDM3djVhREJvTzluQ0RpL3Q3Rk9DTWoxTXl3OWxFUjJoa1NqaFNiOWZiVWROcVdxbWNvRVFaTnhWbWZNRlc0a1VTQzMvNmtsLzZtWEI4dVNSbE91NXN3Mm5BcVlLRWowTXgyY09kait5QjNYTUxkUUY0Z3NxNmsydmZ1MDd0NWEvdmdMUT18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c119fda324eac3005f8f57bbf001fff4effbf4a3dc85dc5fb5622ecd4a516fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
785027
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=EJ9V4Xx6MFFabS9KSU1aNDdoNkNtUWt2aW9xZys4VCs1NElOcEQ3T3BqTWo0N0F1TDB4ejFYV1lpV0ZWLzMwSTlLSGt2RWhaWFZ4RHFSdUo2U3AyTzRiRkVnc3kycG4rd3RYZGNndFZ0OG02VU1GM2J5a1RJWEE4L1F1bE1CVHNoa3ArN1pXdGZ0czRlWnVpK1VoQ3o5WkpkaFVBbW8rZlVoWUhzOWg2SkVETDM3djVhREJvTzluQ0RpL3Q3Rk9DTWoxTXl3OWxFUjJoa1NqaFNiOWZiVWROcVdxbWNvRVFaTnhWbWZNRlc0a1VTQzMvNmtsLzZtWEI4dVNSbE91NXN3Mm5BcVlLRWowTXgyY09kait5QjNYTUxkUUY0Z3NxNmsydmZ1MDd0NWEvdmdMUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
351078
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DE4A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUWtkty4e3dWrx0wtgkb2okSwlSHkVKPRqx1LzG0mDMJwEZmHVxP3q1AMwlvcq0UD2Slj8ZrazcZEudFx5x1kAPCXmnvUtVHhZLGEMkAt9A6v-PXaFNkrv07ivOmVtFIXcAFOWWfko1wm9wEck5k4ZmyOt&sig=Cg0ArKJSzCLpjzUxz139EAE&id=lidar2&mcvt=1007&p=108,650,362,950&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982072716&rpt=1252&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ Frame F288 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&mp=cb19cead-7983-401e-85f6-6f401482e2d0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net/ Frame F288 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net/pixel?bd=cb19cead-7983-401e-85f6-6f401482e2d0&t=50ef57&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:34 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5AA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4329289548445&version=m202309260101&ct=77&x=1&cor=7148040864140076000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 3608 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82524
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3608 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3645463097489569&correlator=629705386060696&eid=31079957%2C31080123%2C31079977&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982075142&lmt=1702982075&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=65fclrwpf2rd&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=9&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982075&ga_hid=91475132&ga_fc=true&dlt=1702982074969&idt=164&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4651e922a51a43a2ccd41fada89c6278437f8e136450ea8c57fa85f56d1db950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12566
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3608 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc50e617e2dcbb78fc268589ce72df8abc0fa2b758acb1dd0b2375da41af9ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12261
x-xss-protection
0
container.html
87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7646 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=9
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:35 GMT
expires
Wed, 18 Dec 2024 10:34:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame B5AA 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 10:34:35 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
137344570 137150713
Content-Type
image/png
Cache-Control
max-age=372
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Tue, 19 Dec 2023 10:40:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3608 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6F0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118193
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8178 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ddabdc98a098a5ede4fa799fe44f0f4e78a9bac4dba7a31ab87d67d8ceacfbf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L4VCHADzoK2eKAfhOkdBPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-L4VCHADzoK2eKAfhOkdBPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:35 GMT
expires
Tue, 19 Dec 2023 10:34:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A6F0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8178 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3645463097489569&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 5C0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT8kKTQfWTIkCv_2EcNO4CtWOkcd4Qde9Cdjlt1ep3Xl8Y1LABw-Vs8Isa9_BuSMrsL0_sy1lJuly-i_MEMGkqiYVV2O7s4QIhSxvs5BWgLKmo3m3SnIZARGY6vIXLWQngVDRagqQocAEmjwszoMdjiwXYK8S1Up4EhUaIJIrNIxOHQCWyew8fnzZDdD6SC_jJjKTWuzA2bDWJhIgwhAEk3XgcFqh90eSzqrbnJh7CydfM2Y5QRur52SGZn46F658phOmePipT5AVOU3JJrZZ9ZzN7r5lX8Cb_1qy92DguGgv98HbWW_TDbCV7C0pX1tojhcLMEdcvLCJZkez47W71o4TMJKN0FJSqJE3xooHHT8aR1APH8dyrlJ1kTGBrF3lZKeMnEm5fLGnSiUfnODi_Yw&sai=AMfl-YSGPQxzPz_mNTu9qta59fP53Ebu_55qyfe6suMd9Cx2IjRMZ6p68Map0FJ1NA8GL_LAyqQdcjpFBGiCZDKshFs3EyocW7oXHh1xFrG3v-USYc_dcwehg7iLgadAetg&sig=Cg0ArKJSzBo0Up25HCfJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 5C0C 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
1
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
aDHMnl8-MrJUBIa4oL-hQpLgXqsBJNjQRAiVCHsp--qFu_JJNrlRPQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5C0C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:35 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame B5AA 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7998036;3502511;0-307-0-0-689907227
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-51.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:35 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Tue, 19 Dec 2023 10:34:35 GMT
/
ad-events.flashtalking.com/state/7998036;3502511;0;202;B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD/ Frame B5AA 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7998036;3502511;0;202;B88E0315-8E90-5CC4-8AB7-0CC7D3E443AD/?cachebuster=331626052
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.107.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-107-100.ap-southeast-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
capmapping.htm
cdn.holmesmind.com/js/ Frame 246E 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
38
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
zdzQo7jlSr7ssTuvCf3WT1DioQcnpAu6gJlI1xj8pv9FUge_o308fA==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 98E1 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
NK8gY99FBE_iMX1Z6Fnp6oEImhq7ke_zy8va6R5vthz9L7r_0ujikA==
/
cm.lndata.com/ Frame 246E 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:35 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 246E 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 246E 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 246E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
age
3
x-guploader-uploadid
ABPtcProGPGCaBOVG6ACWJjtUZ2S39p0ZQvbDgTLxT5lzmifmUw4f8vw4LF_pjT4Vv_uoAfGigUlbey-o7102eqkEkWv-aEWDg16
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 98E1 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 98E1 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
34
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
F5Yrr6TFW3sglXBALh20LgSXfo0h174X0vecw4HWJC_7lNRNVYvduQ==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3988352298556606&bg=!oqGloe7NAAY3kmNgF5I7ADQBe5WfOFwdsH7j0E0CLQSp8AZ7CHXH1vL8gIgShjd0XeFWZ3Egaw96Tze8q4ZkohDOaI5ZAgAAAIVSAAAABGgBB5kCy-SPzPj1jCfuDYXEZOJQIJeavQRMyx08NLN0H_TCV2IPnhgme9rwGZJA288q9ucsoaGx28dVQBxf3YnELtpxau97GpiSmBRyKIooPZK9IZeeQ6_goEHsqV23qMfhEWwE7Ok6sOahmGCbOSHTvsvPe-gUoHzMBtQzAS-FrZVbmTVGkmGjG5S8srwxhq7G8rOyHLQsFGqjhefKump-9LcJp0btI3WlosB8vX9ReDPKi8RazvAYr-7J5nd7uRwvgX2pyWKnTK6sHJodKhDdY3m2-1wUxBoLYtOEUxuAb7oP_hSQuk_HAAdnmsB9QFt-_s3iN3TESciYXm5nL8Fh_TLkZuwMQfb5fkLJUCK4va9BwtUit_OkngxkvlNqBC239mMTQyvMgrLzh5NdQQ1ddDUlpQw2MeafjfTmbKm9nCY4lqw79hA0rZ-Bp7aO44gSh7IGLD9fY2AWvdeK67qOs2pVHmW4ZVHTjMa7RnU9gv6xyVx3VPiQ0DP4YUol4mfJW_9hkg6jnyCdtkYqRcaMx65Feh5RMgoax8YmBhffnoieQnRq-1cF2RF8V3Hgzpzx7sHFC3-mnETsBWwQFeMDJFHX12wv7TFbOGwSUvwvthIci6CHJy_k3yjNSix_X0YU_qbNLxlLcOsJMZBsaffCNfQuT1sLeWXQSAvGibiZovqVcLhHI15Sx54xGYO3xpl6Az2hI-vn3nqU52Io_7CmBxFRYG1z9RlBBDnjWtMRxkWSNaO2FkxB1HfTL69zBdF219tQqzIqFuoCpXE4qr-dQwIgWZga4jS1y_H50G95BBfS63ZA4iB4skeJfar3DcxG8lp8yF6hbmZndNE-erLvddf154N0kNuEjOos7yj5zh-eA0Ti1b2rSYCb75MfjZlvpMIFpLeaY36abvLbRjFq73DPa-GjE1k_Nm5w64snlpgdDupyhRDrDb5RGwmuSis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ads.js
ad.holmesmind.com/adserver/ Frame 98E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=372&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8a4a94f826becc5d969ae564ab8fed248dcbe980ca7d1cbe25e120d279f2dccc

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 98E1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
nDjmswR5rGBEdYAz67HIbiR8atse8mTzFRu444ZhX1AFUtu5HZ2W9Q==
publishertag.js
static.criteo.net/js/ld/ Frame 98E1 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:35 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 98E1 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
38
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
ZGPAT-wn_6ezg_TAygXZdhMozxVDkEWceC_C1kXBhiBdik_70lghkA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 98E1 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
t--fN3wTUpBwN6ra4cLMJAIhFudaLKz63sawhrOGO40iE0HlyOKM3Q==
appierV2.js
cdn.holmesmind.com/js/ Frame 98E1 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
20
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
NvhbQ2Ny7KRcG7iE0pRbuerKfqru0QJ79vV6TLpw-zTYN7rbiNnyEA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 98E1 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
33
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
zIfcIGGukpa3eRhxLGYUzJI8rwjt8vuvOxu_zU1JOPcV1HqAK9Z7ew==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 98E1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 98E1 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3245514115230588
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
b754dd4159676fdc26211645e0f3562ecb9e8e71ccc057faf6717feb0e746cad

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:35 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 98E1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:35 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 98E1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:35 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame A6F0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XsWL-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 5C0C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7c0a594eacc0e47f79008f0672f7d233d1d978bc4dcb9387653be7f81075836

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
drawV2.js
cdn.holmesmind.com/js/ Frame 98E1 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=372&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
51
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
PyOrPsaiOotUzS5pT3cuG-4M5eQ58q7MFNwbHp4GhKl_9GKMtEQ7Nw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 3260 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1yyarkAy_rRIsOp4Mpn87ADp8Kg1il8Ra0rX2mSoxUqlZ1PE1hA9OH7lPKrG6u3eKwumnwDv4MlbWlaiYlWMoK2rFrxhHvl8V3DHsk6LVLsEsJ4uwfYYiRzO54BQY5ekPuml_j4CnfQ1-veHboqIMemuO&sig=Cg0ArKJSzPd8n_pXOtu4EAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982074100&rpt=532&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CB76 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVnIuCn7kGVfPkoXOkV7E9nqEK0fvKJzWAJkY5Zb1WUP5KXgcl-GwrEHFGFzDGh5Uubs5tmfs9IAj7pnEPtbQwJkJBBqfr0YiKlZ5I9UpXPP14XGW07rDWtQYciNfIZFop7SBZgiLzEveqWhDtX12WdX5S&sig=Cg0ArKJSzENe3sACmlGvEAE&id=lidar2&mcvt=1000&p=108,650,362,950&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982071346&rpt=3324&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 28C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxKUYchnC5Nux7_Q2GbKE4-baXLb4VyC_LVnE4U5pzIXaDKzKkALo4VQI3lTtPHiZY1jz_hkmpDRuS9Ay6K3-dVXpCIoIic-diUP1ieT1J_Bj_G2Q2Nso52S3cxH-XFaK20NFpfZgA0J89PK37LQvP7oaG&sig=Cg0ArKJSzAA0OefUh0sjEAE&id=lidar2&mcvt=1003&p=108,1030,362,1330&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982071324&rpt=3341&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.js
t.ssp.hinet.net/ Frame 98E1 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:35 GMT
syncframe
gum.criteo.com/ Frame C10D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:35 GMT
server
Kestrel
server-processing-duration-in-ticks
2601178
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
cdb
bidder.criteo.com/ Frame 98E1 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=_QY_g196aHVBOWtzdlJnNHJudTdlMjNSWmkwQ2VpRWdqTFR5UyUyQlVLZWtuNjg4MzJ2QkxuWnNWNEMlMkZueDVjN2JYaEtpNFB6RW00JTJCa1NZZGpJRyUyRkN4RmNuWkZDZDFjTTVEJTJGcktPWmtKcmZvTDk5VFJMWlZZZFMxWXZVekZ3aWd3UE1WdzJkZGxrTFolMkZxZUJyV1B1Qkh0R1BLSGclM0QlM0Q&cb=25792253728
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 5C0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurMG6drvAdxFKlBPrKXZRrJ-LAaFlDYEcSxcpSxRX43xqiUtX2NvAdhSJuWbm1IzQfnAgE06WKlSHh3k8vD5n6J7c_Je5NMU5XPJ6MHs3T1Jeuh9MZNtwBtQBuCbZ7wWkaOm9dAMj8wzufUn8A_VpITLBaYLN4bXXhPhjNQSRbv4YzmyH1vVBqlVl_82GrbtUuScVY0ico8coQcuCm68gMM3Rqy4av1FZorQs5liudtMbDiu8u4TyaaxQKAqRdTeIYIbHg7kKs3K9XGpHTWWAcACGNrOnQKzAyLaStdg4x7gaDguAccC06GknSku1OXpjusYDaVCbI8J0o3SG5jSTVN1RQNSYhTljlY-pKdbYJKV6iB2IFeXnRPQX_N9sirTxLaehXm2g3RiORhEoD4tahgMEk&sai=AMfl-YTs1ZajHI0xeUj-EqhS4IEl77pVAd9_kVTIa64sLWbxI9EDf6VEU1MOY83kDMgU0BnKnqhB67SRcw5QF9_H7TWVp09oTkFCzctS5pD2mAqBQ3gc02oWhOwrF4t8lqI&sig=Cg0ArKJSzHjQ4AHG3Ec8EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:35 GMT
events
bidder.criteo.com/csm/ Frame 98E1 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 98E1 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:35 GMT
pixel.gif
static.criteo.net/images/ Frame 98E1 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:35 GMT
sid
mug.criteo.com/ Frame C10D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=_QY_g196aHVBOWtzdlJnNHJudTdlMjNSWmkwQ2VpRWdqTFR5UyUyQlVLZWtuNjg4MzJ2QkxuWnNWNEMlMk...
  • https://mug.criteo.com/sid?cpp=rmQ4nnxoenlHWjN1UmlzUUduaTF6YmxSZFFjOU1qUnNNQ2E1LzFVODl5c2VGclo4MFdBbjlGd1E4RU5Xa29Od1FOaDVselVoQU5HT0lwQTNjVVZFbUZNc0RUalhZSzhUY0x4MUJ0RkZ6ays0VUZuaUFKV1UxQXNERTZ3TV...
417 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rmQ4nnxoenlHWjN1UmlzUUduaTF6YmxSZFFjOU1qUnNNQ2E1LzFVODl5c2VGclo4MFdBbjlGd1E4RU5Xa29Od1FOaDVselVoQU5HT0lwQTNjVVZFbUZNc0RUalhZSzhUY0x4MUJ0RkZ6ays0VUZuaUFKV1UxQXNERTZ3TVlRK2VzOG1TT3JwMmY4K2hWbzB5cXIyOGxNQmlVNlo4eElnRmJHTUxJZmhmZG5OcXhnaWJBbllJdGcvSmh0b0JHclgvdTdTRDZjK3AzOE10NE4rQ2VRZm94Wm1QQjJWcVhpbEJuN2pCSlRwQUNYODdKSnp5L0lucXBWdURxdTRmeldsL2hIdjZXZHRZeTV1NTlnTXRqUmF4cUZ0Z2tBNURpcnVNSDdtMGZuTlUzSktTMURJMD18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b2dc6d1ffef8d0317fbf0b08ddd5489312a955994fba348b1d7d9f104f557270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1885291
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=rmQ4nnxoenlHWjN1UmlzUUduaTF6YmxSZFFjOU1qUnNNQ2E1LzFVODl5c2VGclo4MFdBbjlGd1E4RU5Xa29Od1FOaDVselVoQU5HT0lwQTNjVVZFbUZNc0RUalhZSzhUY0x4MUJ0RkZ6ays0VUZuaUFKV1UxQXNERTZ3TVlRK2VzOG1TT3JwMmY4K2hWbzB5cXIyOGxNQmlVNlo4eElnRmJHTUxJZmhmZG5OcXhnaWJBbllJdGcvSmh0b0JHclgvdTdTRDZjK3AzOE10NE4rQ2VRZm94Wm1QQjJWcVhpbEJuN2pCSlRwQUNYODdKSnp5L0lucXBWdURxdTRmeldsL2hIdjZXZHRZeTV1NTlnTXRqUmF4cUZ0Z2tBNURpcnVNSDdtMGZuTlUzSktTMURJMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
331961
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3608 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3645463097489569&bg=!AwClAE_NAAY3kmNgF5I7ADQBe5WfOI4P-ZcgyMdJOrpXCrfToYyTIOh0Zf4wWr1eUFINmq_UxJr3-GmuXvv7hNZmG21WAgAAALpSAAAABGgBB5kDksHlI7OhxDjXftEEppbX15DGXjVkj4PqLjklll03LTzEmvZK2ZJw25lC8pRHvYItwUGnnkQCvQWOG5dc6nnvnVeb8-wzn5pyJo4JSnbL0SJzAGThfgZSC0BjGjN2xiAA2GjYzL5SGI-TgZK64EJEYvS8y6i2CLm1HsULhd8TobQlgSy4d7tNrWAORn8tSFgxYJ8gki4nkorsUpgKi1AoM-fCVUFE96P_ALhJfg5Y2DPV9tBjcFyCw6pEEDAOWk-wJaGGfje7omEkH5YmdWz8Kf1m2ovjNckAt04lzUkOAKHci6sOc1Ctgpdi3WaoB_RmiJlGbF4_JQkuJ3zHhoqScCkGQ3tYeOKVSFm5i4f42SNSnXKgkcyNHCeGrw_laVN-h3g5KmuSdeQkf746aJR5QeUzxf7x20pmvpz6FSCApMI5Q_p6R33btXUIXGHz95Syk62kONNsNU69AfU5zHvvk958e5ZKgVRWf42fnG1ABY0MBST1m_392zaNYfbD5GxwNU6AuPw0RsJwCUrCHTpqdV8WYrjXimM_Ifate72X6LeoJCPhuQ-RTPY2XlZ_JYP7RSFAxmUyzJC-hHtZZoBMyIoAGee0youaa_-OVc0alG4pi9KmCC1yJAyTBcxvksoHPwgPE-RE4vWyXbTbPQIhzpfmvnCxvVgI2n19XjLZAKTgWj0IjLKIwUb-dsOhAVRBp4WWWlnCyhX8btDIZws-xasWU9o8PChEAuf3jSKoY4c7t5deghacFSqWofC2vTkR2LiPtwQIrHzocSLvSr5eDnDZSitZB_Nud75RedLLMYfNw5t99Ho8mbVX6TgvvvHkM6dZrjyRnaq8EISOfk21UrntkRM4zNVOfx7ORzJIwnin33SFUT7sYxv8AIBdMrCXW9Ok0NbenihdpfWQeu-Jvxu3rbNOpzSl9xCWnNp-LHdG29MkcnjWa2Bwb_Hk-AT8FXuvQk4M5YrC5zs4YhkTu20Ot1a8-aWW2ROOF4w8OKDOf0rJKKcFOnorn4eL3wNQU25NFZhZSnWBQw_wFMKl9htx8HAJvcPM1jRaDwr4VimjUutM5O4T5SyPlcyOYULMOb1ePRgumwXUThhn-2IDxV-1WN-QtZbiMoTueZL6qlkp7gfs4kc6HEBhMiCcgl9V3-xv8VsoeFWNoCNR_340oZXqLbD6ELRYrrHxTTFYLofdjIjA8tGtoybxQklLobP0fi1h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CFD7 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
992767cbed53ffaff872d65f4dd910343fa5baf04f3efc52b37afdb764cb2d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
418 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:36 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame CFD7 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82525
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CFD7 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3067474213740656&correlator=561522019733527&eid=31079925%2C31079957%2C31080078%2C31080120%2C31079977&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982076457&lmt=1702982076&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=jus8prv55owb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=12&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982076&ga_hid=1717796841&ga_fc=true&dlt=1702982076184&idt=149&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
458de00c44027ecfe980ba5915c6b8d458ff5d7c47a53de93db3ad85b87a4e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12576
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CFD7 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
481f37e94c1ce65b5075077940de8347f3df64e97dea621a6e06d7c0c91381ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12119
x-xss-protection
0
container.html
93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 711D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=12
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:36 GMT
expires
Wed, 18 Dec 2024 10:34:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702982070630&gcd=11l1l1l1l1&dma=0&cid=1091650299.1702982071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702982070&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=6150
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CFD7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2129 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9074 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a6853ed0a1b575cd7a051081a584737626e948c8fc7a0caca6af76f1174cbb3e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YxOjw-1sy1fHujQmFv_kWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YxOjw-1sy1fHujQmFv_kWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:36 GMT
expires
Tue, 19 Dec 2023 10:34:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2129 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9074 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3067474213740656&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2129 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wSRvWA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8EDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBC0XwSL0ULfIXacca_78Ktykc4M0oThdTnXl8JNybhPklUtFZT-wl6YebFZCOzeqjUdcYwpqiHF3RZAYlQdeqpwNTFqYKjRcRKvyMlwv7FvyMovIdyF31k52nDtFR8W4lFmwIJjqsx79TcCdFsSeHljPpUnwmSAfjXRP9e92EB-zrQfBmL1gmr_sP2492bDS5gZ8TY8IOuk-FMd5Rbsld4HtbYzzboLGisSg-tXbFCThJ4Fj0LZrYji-H7Fwg7TuJZdUgBQXJHHPKfI4tSttbE5eb4KKjBJVbjkVOXX5HtM88Ax5iB_GukYSEf5oAOKdRXdD5X7DIFeMdpb7ABCQ-54qPWhbDVeIOnXcS7dDDuQ14OADhe5sMqdaRyoMO6JsPtgnoToLsE34Zw1TFzkI9Rg&sai=AMfl-YT4wzBEaAPDb0oKTQWyhCSLK1CvGGfGTsRos8seQ1t8evHR-8UEmDuYhSVIUgIMzNPgWPXeGrLIan4svrEZhwQX4GAbIOS73mPwqIGfwXbidOlsr-x0QkO17wXy3gM&sig=Cg0ArKJSzECrkjNH4-jFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 8EDE 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
2
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
_2mmim7Iyi4ngRf4o9Cau4LPtTXGP2LIvTwvyceZohzCngUNg7feOg==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8EDE 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:36 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame F8D9 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
39
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
g7KiLicV7LY4sYwjx0D95-HcTYZ_mQSD6IOxqjfFIiw0DYYpQYBunw==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 2E84 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
49
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
Q_gD9KMjcvQXpp0GNf-JxJX8jDXQRPQ8lVX28O5b3ARXxPtWQPXkFg==
/
cm.lndata.com/ Frame F8D9 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:36 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame F8D9 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame F8D9 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame F8D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
age
4
x-guploader-uploadid
ABPtcProGPGCaBOVG6ACWJjtUZ2S39p0ZQvbDgTLxT5lzmifmUw4f8vw4LF_pjT4Vv_uoAfGigUlbey-o7102eqkEkWv-aEWDg16
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 2E84 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 2E84 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
35
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
2wpYFgm9Q7vEzPZe5RNEbjEnTxpr1VtbIumcCte2ISpaTfZGiElKMw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C0C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2Rd4-TXEr6ks8Bx9hrczbGUMyJkOSuMAsA04XrksGWAy28sU6pCWEhzmbbaHbZrlnpEpRrEvTjZgBAR-LV9rD85qZcamIP7IoK-QAkXBmuf19CpbVutP1pzI4rVRFZm55pgTWq4T-H3BJWMA8wTv0JIOi&sig=Cg0ArKJSzMiOkKtn-2u3EAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982075429&rpt=374&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 2E84 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=273&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fab6c3a3d6244fbc90ac6ff183aecbc53564251e1b11a83b84e21b9db7d859cd

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 2E84 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
31
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
z-lfqckRgSTxa7yhyUmf4bwKZSbwKm17nd6sscRe_BXUUl2mLSkuTg==
publishertag.js
static.criteo.net/js/ld/ Frame 2E84 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:36 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 2E84 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
39
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
1vMjhyLDGqGpEnFtzrm-kHoFAhtNPLSGHiTyp2ajcwBEC4mK9g7HWw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 2E84 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
31
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
vOl2kwtkXnKEmGB99WMoM4qAcxr1Z2DQZhYnghBF1DRxQP4_A6CIew==
appierV2.js
cdn.holmesmind.com/js/ Frame 2E84 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
21
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
_dfiMEpT1PafPkn3pW0GykgRs7yBuWHfkPeKwnbMbYc_sgwjbl0MjA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 2E84 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
34
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
gJ4oObuunxFKakd7e02C5a7XGaKn1A7QSWA6v2dpIgF8olYGu_WREA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2E84 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 2E84
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:36 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 2E84
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:36 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 2E84 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9561170923109259
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
aa20ef7b35f175e803e93177a2f1ab682ec76f12c77a6fbd661ec9ba97eb8fff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:36 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
truncated
/ Frame 8EDE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8bf9e2d56e0f35eddc816d2a8bb11ebe4643ac29b75539f56607e5bbbe59491

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
drawV2.js
cdn.holmesmind.com/js/ Frame 2E84 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=273&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
52
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
NaXreQPfF86UqIQbwC_5uYct-GLwolqdlc-XNePjbJmt7dHz0sS0dQ==
utag.js
t.ssp.hinet.net/ Frame 2E84 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:37 GMT
syncframe
gum.criteo.com/ Frame 2AE9 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:36 GMT
server
Kestrel
server-processing-duration-in-ticks
1584952
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
cdb
bidder.criteo.com/ Frame 2E84 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=0cjh4F96aHVBOWtzdlJnNHJudTdlMjNSWmk3eE1MWUl0ekRMNnZYWVFFZW5STXBVd3RCUnJrV2pXTDVEY3E2cklMSDdzOEpmb1YyYUJib3VGWDVUemU0VG1zWW14cHdUaXFrNVVkY3lTajJsQyUyRjRYWjAwS01RakY2SWJkOVI4bnVxSCUyRjVTS213ancwc0tYVmg0ZHZFdEpzS1F3JTNEJTNE&cb=6857790430
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 8EDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSLqH2M5h1vmVG5NmiuqeCFdOh_jSN5-_ZiJJmM85qP-WFC8GIOldJwaXjYk3UmqAi3xJTmzN3zADzVusedF74nLGd2b0cuzSQQs2Q8sT1G-eMrT2H0i7-M0_Asi47_SBAfe6UEER48mVd6b3WJ_1ARJ7GbQg1yviunrgSIxOgaByWeZmTpqE7tRcNCTPeXeg4Bnpyej3O56FaOxyShTUC1hzc_LOVAxz-47CqM7gXmVsFSRMfzchv-4zfzCqjGwSp3eQMu04NO1bXaQy0vLYpUWWMpj9nL3oHStbyzxhPOvA40mcaCxzKpPPKhZpDLrg0Af6Pk-C1wd3G8j_JI35GLijhfydUKFCMBBkFZy9vCv4v1gSR1CUPjTswwZDFYyCoF07qFd9RDVtNmfz0UdkF1rUL&sai=AMfl-YQDfBc_EPF19PA5LzHpqwKK048mSW9pDgRy3g1daDuVHX3BDJly3fZWMRwuRol9vkF2hdVnDL7za8S8c0ONO_OSNSRU4iM40UcGTznD97OT58c1kmz3qk_FgiNeqeA&sig=Cg0ArKJSzJiLasjsj2a8EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:37 GMT
pixel.gif
static.criteo.net/images/ Frame 2E84 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:37 GMT
pixel.gif
static.criteo.net/images/ Frame 2E84 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:37 GMT
events
bidder.criteo.com/csm/ Frame 2E84 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 2AE9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=0cjh4F96aHVBOWtzdlJnNHJudTdlMjNSWmk3eE1MWUl0ekRMNnZYWVFFZW5STXBVd3RCUnJrV2pXTDVEY3...
  • https://mug.criteo.com/sid?cpp=76T2UHxJMnpUb2VDV2NIei84TGNUcmdNc09UUW56bUVFTTA0SFlUeHY0MDlYRDNPbXBRZVRGRzNLSjd4aWk3TW9OcUYydXVsRE9YT3NKaktKZzZVWndpSDFmeERMZ0xkeUtMYmVvby9ZMEd1YndNdjJWRFlLM2lxdnFiZW...
425 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=76T2UHxJMnpUb2VDV2NIei84TGNUcmdNc09UUW56bUVFTTA0SFlUeHY0MDlYRDNPbXBRZVRGRzNLSjd4aWk3TW9OcUYydXVsRE9YT3NKaktKZzZVWndpSDFmeERMZ0xkeUtMYmVvby9ZMEd1YndNdjJWRFlLM2lxdnFiZWNqVmZ0RzBWVjc2K1hsei9NdlJvUXhzejQ0UXVOUFMvMFBLbkszaE16YU9SUXcySGRUZlgwSGo3UjNuWjRiRk1valJRQlpXQnVyU252NkVjVE1qWVRjTWQza2VUSEdRUmdYOGFHTXFkLzBBQzZUS2FpQjZsNnJseUtlN2xxQmlaazlCQnlhbTg2LzBBck12L09MMzZkbkJmNkMvR3RwM2NGaWRGd3h2QnJSVnRDNWlQV2trYz18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0e5a11692c77bbf720d6781cb2620ee78c960e8bb9d68d140010c982939be8e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
857173
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=76T2UHxJMnpUb2VDV2NIei84TGNUcmdNc09UUW56bUVFTTA0SFlUeHY0MDlYRDNPbXBRZVRGRzNLSjd4aWk3TW9OcUYydXVsRE9YT3NKaktKZzZVWndpSDFmeERMZ0xkeUtMYmVvby9ZMEd1YndNdjJWRFlLM2lxdnFiZWNqVmZ0RzBWVjc2K1hsei9NdlJvUXhzejQ0UXVOUFMvMFBLbkszaE16YU9SUXcySGRUZlgwSGo3UjNuWjRiRk1valJRQlpXQnVyU252NkVjVE1qWVRjTWQza2VUSEdRUmdYOGFHTXFkLzBBQzZUS2FpQjZsNnJseUtlN2xxQmlaazlCQnlhbTg2LzBBck12L09MMzZkbkJmNkMvR3RwM2NGaWRGd3h2QnJSVnRDNWlQV2trYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
408825
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame CFD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3067474213740656&bg=!3N-l35DNAAY3kmNgF5I7ADQBe5WfOEhP5w8IamDYj8bKnGA_67ynG8XkzD_x2p2FvR-ODQu2YNJunKIqh76ZoBprypt7AgAAAFBSAAAABGgBB5kDtWyrIPZScz0NlU0XnUtN7fqRUOUQhyzgY2DY0ielGuzegOEoVj8dNY9RX1s76D1jlYXNMSThIECodaSuzpD-l2ojGZWeH8T4aCm2YrspoMOJR1vBnNdI921fTioRIfa107eLpj7U0v0l47Xa5hqZ0jE1ZpXnwvpnRm10-CZslAaB9S9EIsHSoJ3Fsso2e2ipGhdEbKI7Q744HF7-BGEJpz3vgpJq80gW2SqjocBqB5jbtBJxCuDkkuwjTX2tI4rO0jYVQu3NNygSkLUQUS9wyQD7OkYJejnmJwzvKggzKA7hByIY1toGEGaoYC9zV4hMtzzNIG9Ng7UXEGTm5F0DxuEkve7yZsjq2nh0ffVk0Zj24ajai-x2fomitn2pEQYjYrCAqiWZ7ZIsOAAMTdpW5myWQw0KZ2XhySGlwTrvxYePL7ZSnHaFLZwCviG2fuFgnwiXQPH1A6XNOQ8ZQcVg7n0oeN_Q4gnr_Eutm5AC2ArWJqHIY7-DBP129kDjmorlyTZxER2vosCKbcsLvRa3Y7Y91OIIifRwXqcYx-I430YDzgkLkUkAG9XBsYysRsvjtJ6816iG5NOOXy1kpaJZT_90P4mpK4OkISs6p5gQUR-Vg3_LFiWBlu4UX53zCNClS425gjIf72T4nSa3cNvZBUUeJ17oUgi7e3fZoXj__YdxoWHaj0kiVPKjgvprwoTulKV6dYZ6vFEHqAOQOZlrjDPfVLtSpWiY1WumMIFRAdYLOXiDhfYbggbscH-IHRjqLRSAeykyD3Miq7HrC32okiZRhxQZEGoYqvAZPYzNTQRBbNYp4MwFhne55vNsnkvAlueztmYikSRd89JBn_qNGkwI8ng4gIceGOu7w9xMz1Z5Z7A_ytXF6evjagURpnMyEq6db5TAIs9uvR8afJokbwRJQiWczmGhDm-7DE56evgD6jTrx6MikwRSZLPj1f8-p_xNUYUoTm6GHX5Hm3KwdQESkDn3b0WeIkWE5kRaWvi-RDgpkKpUt2iOq7vXv30qTn_2bueZnRN8SOv2aI5NWnps5GZeq1opHQATyZTF3fWocITGz83jnhVyU3GVPYwpK4dMaQKCkhoi1vrGgUHq988sI1ugZgiEzVtpn7bJxprv2eoG0juU-JRrNz4nLMtSl87bG9PSvbNKsXDIW4Mq_Pc5uG1rMEwAM63-989ha-Ialxj-I6Gje4WmHy--qs9vOZEIplTPZ4QONF76OJBJ0KIGjv76K7y667Yf7QB8WiiwcUhEpsE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D30B 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b331b2bb22c281a37d29500bf8e4979102a94e4e115136c9ca8cbe420002c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
499 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:37 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame D30B 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82526
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
cm
t.ssp.hinet.net/ Frame 2E84 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&mp=cb19cead-7983-401e-85f6-6f401482e2d0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net/ Frame 2E84 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net/pixel?bd=cb19cead-7983-401e-85f6-6f401482e2d0&t=50ef57&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame D30B 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=275675044299463&correlator=1414115034304996&eid=31077976%2C31079240%2C31079977%2C21065725&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982077619&lmt=1702982077&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=n07htrzcdo26&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=15&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982078&ga_hid=2013906344&ga_fc=true&dlt=1702982077497&idt=112&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7bef7a8983828d0fc3620a87c4bfa2b730c7c9539d06657591f1ae833eb743a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12569
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D30B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac773db03b84a9c8c236fc94ea31138fa9989c7e83caeabc5ace5c01fafa7e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12459
x-xss-protection
0
container.html
e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC84 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=15
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:37 GMT
expires
Wed, 18 Dec 2024 10:34:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D30B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:37 GMT
event.png
tpsc-ae1.doubleverify.com/ Frame 5476 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=318b1e24ffe44ac9b17ec0f1997777af&flavor=0&gdpr=&gdpr_consent=&ee_dp_isom=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=7998036&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=514&eoid=18&te_exec=0&msrjs=5158&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=25&tetms=7&msltms=9&vltms=514&sei=292&vetms=4&tuviims=79&tuviems=597&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&ee_dp_rbgms=1&msrcanlm=456&msrcannum=4&ee_dp_tmads=2666&ismms=38&isumms=37&nvr=6&elmtp=6&isbxdms=2637&b0=100&b11=2688&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2788&sftb=2788&msrdp=1&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1037&isuiabvms=1037&ispmxpms=1037&engalms=36&dvp_dpr=1&vstsz=753&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3542
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5158.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
Pragma
no-cache
Date
Tue, 19 Dec 2023 10:34:37 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-12-18T10:34:37
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 481A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EDB5 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bfdb8ca2c9ccdb14ad4dd8a885e882883b2333f38f87fec17511c03f57975f68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b8cgUjRml6vgUZOC-fEzMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-b8cgUjRml6vgUZOC-fEzMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:37 GMT
expires
Tue, 19 Dec 2023 10:34:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 481A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcOM08-spInGk72sfHDXhFQHKI0ymKK8Kyh0WnhBklqMtnmOdpWrQQfuwDZMUt34cSDJMj2yEnfb0Oc53OtjL6MIAmfME1E6EVNz7uvUwDTYjc4ZKlHOrC20Z98ylZSX2w8q6qQ3sYBW8pPyDY_VB2udpoGMozOdyzP4xRNFA393ZFo20WgiZI7P7zwDJCC3ogb-ydYRaPVsddDeyBPrNwa2bXwEdYOCTR_pCjx85ZP4AF9rAsnMsSxYqZ2iINPmMmahefwDnzYAADUfu9oC33dOnKus8jH7nsda6GnPLP4e2yesY84QTO3-msekd_TsgtMQAn-QgOJxY_DPcU8DakQ6I8aflqO1sM2xulYKFhoMdSIqIMV-0oSBSakQAXXbguHix3rmRQOMCokjzklnyQ1g&sai=AMfl-YQJfkzhTlWVKexEMVmR7yYT_5EXdHRlmt0eInTM66NRuV3KWmNq0Mx_JeTQA2pysH79P-kCIuU9lbJifc3P3OcDGNFTuQzbMd_5YeX_gYfpjyGEZbEP7xp1RMcSgUo&sig=Cg0ArKJSzGbIP6J6p_WiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame BB8E 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Tue, 19 Dec 2023 10:34:35 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
3
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
c_csSxdz7pidF3X1fkDLNSQxwq-Eh6j0t4nFmXO1A9xokFz3EWfU8w==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BB8E 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:37 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 4901 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
40
content-length
9921
content-type
text/html
date
Tue, 19 Dec 2023 10:34:31 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
x-amz-cf-id
AVs7tLKXQZucYlfFGliC-N84RiNYOIteo15bj0do27FXpB0lVpsXzw==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 1552 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
50
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
vQb2DXtLf8Xg5caFn7eUBVsOtZdPEjyuHUBQlbt9NqDuvw-UK4zcYg==
sodar
pagead2.googlesyndication.com/pagead/ Frame EDB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=275675044299463&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
/
cm.lndata.com/ Frame 4901 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 19 Dec 2023 10:34:38 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 4901 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.5.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-5-49.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 4901 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 4901
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:32 GMT
age
6
x-guploader-uploadid
ABPtcProGPGCaBOVG6ACWJjtUZ2S39p0ZQvbDgTLxT5lzmifmUw4f8vw4LF_pjT4Vv_uoAfGigUlbey-o7102eqkEkWv-aEWDg16
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 19 Dec 2023 11:34:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw&uu_m=undefined&google_gid=CAESEHV_diSGCBNTlgPgB1COi3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 1552 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 1552 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
36
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
KlfFZQMOZAKrwwBmYQgXcFK2Fe2_qPabbGPN_Tp18C4PS2XM2EjKJw==
ads.js
ad.holmesmind.com/adserver/ Frame 1552 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=162&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c629b11fffc2bd45366c9b28dffb9cf88b1dab3b51209c13a32acc6b5af9dddc

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 1552 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
32
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
DV7fNKZJxJhVwTloOigLBZgXmhttj96Cz0QTrmDN-BgxwV6VhjsOaQ==
publishertag.js
static.criteo.net/js/ld/ Frame 1552 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Dec 2023 10:34:38 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 1552 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
40
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
LV0Hkg4M1QBYskHzKevUgeDefbOzwL7j5wCyjpyOP2Jmvoz4e1ZkhA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 1552 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
32
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
PIGXZVZuCxvJKLlV-bfIDif4pvJz_ZqFSD23G0cLnyMx9RZIiN7FVA==
appierV2.js
cdn.holmesmind.com/js/ Frame 1552 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Tue, 19 Dec 2023 10:34:32 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
23
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
0WZbPFFyDUMIIVbXa4Vf7EKBXCF0i_pfErwE4yfibS3Yb0l0O44asw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 1552 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Tue, 19 Dec 2023 10:34:03 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
36
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
KQiX-3W0A-I8WdyckWrQ1042fKrMb_1SpYZwt_zFjCYb-FjsE8TuuQ==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1552 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:38 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 1552 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.15724738272300187
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e9ea5e5cc6138687eb5148bbf1e86d9479dfc701065c9a40095d5f8ebd16d27d

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Tue, 19 Dec 2023 10:34:37 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 1552
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:38 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 1552
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 19 Dec 2023 10:34:38 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dd7rY3YWBPKKMU9mt3GBZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 481A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5m1_Hg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame BB8E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5585f4a29767dd31fbe68ea10a0fc4db6ca5e82b3b8d76535ae131c5ac77f7f8

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
drawV2.js
cdn.holmesmind.com/js/ Frame 1552 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=162&o=1&fc=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&d=1&b=2&ts=1&ii=2&FPCK=9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O&fp_uuid=9901-e0dae32038ed048900e6ce0674e75cfc&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Tue, 19 Dec 2023 10:34:31 GMT
via
1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
jf_agKpPssr9rRxQHP2Cg8BCvenK9LtIXbOGdgMKGSZbyFmLlVJVew==
activeview
pagead2.googlesyndication.com/pcs/ Frame 8EDE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkzIPjoqcGc7D4O31VInKed5XbCAe26CILtT7JN0bNLsDOTgG0icJEPuJAcC7BN_IfCR-wbQoi1NoeOUBXm7nfVChEO_RISzFgXZeqN5wuoDaYGm1MU0PDE6r9QuiFI0pdlqb1MUU3xd9_pm01S1Yiy_xa&sig=Cg0ArKJSzCmOMFQe2LkxEAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702982076764&rpt=331&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.js
t.ssp.hinet.net/ Frame 1552 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 19 Dec 2023 10:44:38 GMT
syncframe
gum.criteo.com/ Frame 0C29 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:38 GMT
server
Kestrel
server-processing-duration-in-ticks
1014473
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
cdb
bidder.criteo.com/ Frame 1552 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=bmuB8V96aHVBOWtzdlJnNHJudTdlMjNSWmk1YlRuTFZjMXczZFdjWTlEYWlxM2w1RnNQWVI2Q3dneTFHcEFhNUthOHE1WjlwTllLSHBVbXlSMmpjdGljVG1JWU5vRU53YmRGd2hrUDVCNmQ5ODJIVyUyQnFFNGxlS0xxUVBia3hwQkx3JTJCVHF1N0ElMkI4NmRqWmRONXpqNURnOCUyRmsxUSUzRCUzRA&cb=62221916218
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame BB8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRbDv5ojoErVXO9JUE5Unz47wx3NeuwQwobBnDEg4s_7Pe_SpTGjN2dHUCOkhT2bT-Jadjf1Te3Ce_ndSKQszMgRAIog2HCDYqjAuDSiPcfPiMPHsgIu1_-dGkR2RAQNmJNv1znhPyfpSE3zqies5UoX7fbkwSJJWtJTD0-lNEHi6A5B9b7dbSrd_U7JZtXdfzMo5GF3Zpgrfn3pRfy8fAgoDBJUSeTa3QVPEFuOJ9vm49r9_rPnKJxTkEz9QtMz8ac_jbuwpMNY8RRNc3n1CDJ8IpAl6gM0ybmC9v1b8svVnaZEMFpTsPcjq0oZgonXRdZ-gdgnV8sBg7WyqgvukP4D9i5hGcQ9JDpQGu1SxNjaoDuKmD0JQMSQ2rAbvjtd0vxaufRryslmN0Iqqsx-rCtgRB&sai=AMfl-YSEwUdiMrl6ykytL5aNwQEplsC99u--y1V4SAC6heJFayQ1d1VthRpADbCFllN_BP3_DYlJbfA7HPZ71NV6sB2auLRe3d0Lf0wZhl0Jn9WFUo8Up7HDmBWhA-tGPoE&sig=Cg0ArKJSzCoagWgQFPf7EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 10:34:38 GMT
pixel.gif
static.criteo.net/images/ Frame 1552 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:38 GMT
pixel.gif
static.criteo.net/images/ Frame 1552 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 13 Dec 2024 10:34:38 GMT
events
bidder.criteo.com/csm/ Frame 1552 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 19 Dec 2023 10:34:38 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 0C29
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bmuB8V96aHVBOWtzdlJnNHJudTdlMjNSWmk1YlRuTFZjMXczZFdjWTlEYWlxM2w1RnNQWVI2Q3dneTFHcE...
  • https://mug.criteo.com/sid?cpp=-sNSFHxxc3ROZFFpYndXc1lVK3diSytCeFlkMGJFYXlNZmx5UElkTUZWeVcxL3FMZFlLbUVscW9ENkNDYXArTW1GM01CNnpXSjdiQk5VS2liZlNKUDdnaTlQeWY3VDQ0UmVGbUJjRFdUVUgzRmJlYnF3NG93YkkvMlhpY1...
436 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-sNSFHxxc3ROZFFpYndXc1lVK3diSytCeFlkMGJFYXlNZmx5UElkTUZWeVcxL3FMZFlLbUVscW9ENkNDYXArTW1GM01CNnpXSjdiQk5VS2liZlNKUDdnaTlQeWY3VDQ0UmVGbUJjRFdUVUgzRmJlYnF3NG93YkkvMlhpY1ZTOHpTOVlyNGtmT1NKSzBFL01zSytkYXozTG5BN1lHdDAwcFhkRFIrcHp6aTlrd2kvL3hwengzK0tVeTBuUUtERDdSZUFPc3JjWW5oNDBDaFFyUTd4b0FHOGFLN1JjK1RTN2pqUTRab2xlUU5yVkJsN1AzU1RwY0RldG1peElaRGE2VlRZTkw1bUk3UCt0a09vcEVIejA3aHFlU05yTDN2Q0YzYTdXbDNVREJHRFl5Y2VVYz18&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0235afa7eadb75ccad0acfeb7546fc0245fdf1d6f813677d9ed0bfe02dd3070a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
939903
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 10:34:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-sNSFHxxc3ROZFFpYndXc1lVK3diSytCeFlkMGJFYXlNZmx5UElkTUZWeVcxL3FMZFlLbUVscW9ENkNDYXArTW1GM01CNnpXSjdiQk5VS2liZlNKUDdnaTlQeWY3VDQ0UmVGbUJjRFdUVUgzRmJlYnF3NG93YkkvMlhpY1ZTOHpTOVlyNGtmT1NKSzBFL01zSytkYXozTG5BN1lHdDAwcFhkRFIrcHp6aTlrd2kvL3hwengzK0tVeTBuUUtERDdSZUFPc3JjWW5oNDBDaFFyUTd4b0FHOGFLN1JjK1RTN2pqUTRab2xlUU5yVkJsN1AzU1RwY0RldG1peElaRGE2VlRZTkw1bUk3UCt0a09vcEVIejA3aHFlU05yTDN2Q0YzYTdXbDNVREJHRFl5Y2VVYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
392115
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D30B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=275675044299463&bg=!oaKlou3NAAY3kmNgF5I7ADQBe5WfODazoqAt5HPr275bj2Wkho-3Ky9AEOnIqCiydZ4bQ4imfKsiJwrGKulCLWLqUp01AgAAAIdSAAAAA2gBB5kD51hSjfaz2_21CL2H7IhIG3Y2eft2IY3VfNtNRlxO7M7QCIqIphBW0IGPUGGomfS-iIIuZ-ow7xzBuXpIcy6UTGZ9SXIz_tqQwGjK2THKS_4FleRTMK4cSrkLARgVwnuLsYEZXq28-aQFwd6RyS6bCq8_BZg6olQbl4GibQg-65GcEj1A0UCY5m4Rvl2yQ14OCHKgRH3kx_j0ZJWnlzr2FDIYjH13E4jSj-O_KWee1Da4L-7Kv9Nu0MvbxGbTSGFE7HzQRYgr-hU3MqP1ZaS_9-HGfmnMIfQaBKj-pcZ1yc5zOo69MgkQByPKwd_6ZWLMC1b0C3FNTeobrsXBlnwzu6nrKrxKUk1vNceAlsgweoR4dVaKEx4nlwf_ALVbmVv_DwruTfaoV-e19FlOh3UscxgQ7qb1qSkGDUrFd5G-hvqct9RvNnrzQS-73P3zoL296rnaBp5T_Y5Ut68ruWo9wlCg_qZYWvcB5eNH54LQALJuijoFUNclwxyNb5PDFGV6XRMaJzM9v24s1w5nY1asPCvJ60E4OqdBbu4otMuGMjkimoRJ2qz5Bhuzh6B34LpvC5_eRT8vgP1T-yLnkXWN0ePnUGWrFr2X0BIvK-1lLtSmjv7hctx-jN4v8Xpb629B8aKvEI92OJghy0nCIvMkI9VtEgoaz0yICORnl5ru3ZKTRA_zMn15xsL6FSC4uzbxyLlS8O0cCwJDkXNaM9V6H_nRa6j4QXJ2Soe6CGefhV96uK3Dd9G8H6JUiFK8STqEhfwfMDMEd4t87wjNEaw-vKVq747Pt9bRiXHbLiovD7dFHDE6yQLdqSqnOmZeDfT4OhaRsw4490HCDb6K8leAcDTZNWNEKBZXezdoxVHiUk4wcNbwPjppEddawUPKkd9lIMDrbp8D5JquBOLr8G-_v-A_Q9eDWH2yWZ5Rhqsv2gzssqKiaeAtK2v3PiSXPt-MK-NUuB_Gw49U60mJXM1-9Ah_EOOntGTOGA2MCA21-BwYUkC0ROJ906BcAMTGixnR72fh6t9ZiyJ9bBKcz-6-ao8MJF8nYPSUPt9KMvlgsLY7JghSepDyn2_1RhuCSXqaQHcYbeVegPmlylAyuEJhizIK3BBX_Q4neJg8Tc68eVoUn2dp9t3RsumTJMzOAv6PTN3qor5uq7fJ44tlHjehWJovlNmxKvGwEALVpOLEOPFYGASRRXhX-5O3zNEq2hKctJUpLAXzEt9K2fADVnCDc_g_G4ArjWoSOgqYeiLj7qyrD663yrz6lRGxCp72MZb2xTVm7nPO-T13aTgJh_AgTE8NWefQ4T8EY7xUkqlnH0DxdJunUDxhsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2254 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87808cf53f422c44fe640da8299935bff9b6037ccda83589ca7e32a3339203fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
519 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 10:34:38 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 2254 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82527
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Dec 2024 11:39:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2254 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4322005999293808&correlator=4036679757854239&eid=44809527%2C31079977&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D930d1bce7898369c%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg&gpic=UID%3D00000cb6257739e9%3AT%3D1702982070%3ART%3D1702982070%3AS%3DALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ&abxe=1&dt=1702982078813&lmt=1702982078&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=q70r1f6iahk4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=18&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1091650299.1702982071&ga_sid=1702982079&ga_hid=1180270723&ga_fc=true&dlt=1702982078661&idt=138&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12576
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2254 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84116202713b2f498f520f35ae21b36978f79a3d8b41e9f87ea0e69c1ff48177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12338
x-xss-protection
0
container.html
9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 61E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=18
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:38 GMT
expires
Wed, 18 Dec 2024 10:34:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2254 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:34:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63A7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
118196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 01:44:42 GMT
expires
Tue, 17 Dec 2024 01:44:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C979 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3710b0d9c94d8e08c0b4b3396b1e1139a0e420aa7b872fa0645b3cf57b21080b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tv1sbNuh2SEHD_xD2GxSwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Tv1sbNuh2SEHD_xD2GxSwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 10:34:38 GMT
expires
Tue, 19 Dec 2023 10:34:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 63A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 08:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
93475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 08:36:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C979 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4322005999293808&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 63A7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Y56lsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 10:34:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=JXggfC_MonUAX9sM0zG&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAI9NnsgeO43Km2wxxdfzWfuuy6qE8onKy_bTWjjObPbA&oe=65875D45
Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=axbBSYqje9UAX_eul1D&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCEN3lLUBUSBQitU_fslfBs3_Nverab-nXrlRCPJXOvWw&oe=65861CD5
Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19710.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010501747&__s=%3A%3Ae7eqyn&__hsi=7314252296915848469&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19710.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7314252296915848469&__req=4&__rev=1010501747&__s=%3A%3Ae7eqyn&__sp=1&__user=0&dpr=1&jazoest=21984&lsd=_EfheIsp3UyzrFLEuPIcV2

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| regeneratorRuntime object| ox_esp object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| brWidgetInit object| truvid_protected object| GoogleGcLKhOms object| google_image_requests

67 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1702982070703.1435004657
.reurl.cc/ Name: _gid
Value: GA1.2.1116671492.1702982071
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.1091650299.1702982071
.prnasia.com/ Name: __cf_bm
Value: HlLh21ej5f3ZKPb69sNR8oqzJHv0G7D.dlIZJiMjaLg-1702982070-1-AWeEtkxHHlfUrttQrZym6/CQ5p8aMMldXDx7lJRdg5jHANAVN+Wz7FBXOy9B/Y83VaKJsG+HjDmzeceW0iSHQgQ=
.openx.net/ Name: i
Value: baf1017f-0baa-4c4e-8b17-b0071412c646|1702982071
.openx.net/ Name: pd
Value: v2|1702982071|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: 8aafa3ec-3357-465f-8b93-db076ee3ab0b
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiGluOQmqLAPBAFOAE.
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: UN2Zt8hVpsj_dgKkNjroFhA-NbnbC0k
.ladsp.com/ Name: lum
Value: CO_okI3IMRIFCAMQ0AU
.openx.net/ Name: univ_id
Value: 537072971|8aafa3ec-3357-465f-8b93-db076ee3ab0b|1702982071425013
.doubleclick.net/ Name: IDE
Value: AHWqTUlrPUirul8eWIDxCxMcCY0YvI2p8ipsWqsLgbZstd33pIJHCyg3iBxwLhlVczo
.crwdcntrl.net/ Name: _cc_id
Value: c277530de27460abd34eb4293a5106fd
.reurl.cc/ Name: __gads
Value: ID=930d1bce7898369c:T=1702982070:RT=1702982070:S=ALNI_MYiCmPZGPnbI7qaTgasfecmEEAHmg
.reurl.cc/ Name: __gpi
Value: UID=00000cb6257739e9:T=1702982070:RT=1702982070:S=ALNI_MafMKtM9XZUPaZCUtWzYJCmdH5LVQ
.reurl.cc/ Name: _cc_id
Value: c277530de27460abd34eb4293a5106fd
.reurl.cc/ Name: panoramaId_expiry
Value: 1703068471421
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1702982070.1.0.1702982071.59.0.0
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyOTgyMDcxfQ
.reurl.cc/ Name: CFFPCKUUID
Value: 9488-1XBVnxULgoeAZ0PrWEoCFpxTIzOITiol
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 9901-c8zSJaDm8B836vo1WuHZhewX4K4gqi9O
.reurl.cc/ Name: FPUUID
Value: 9901-e0dae32038ed048900e6ce0674e75cfc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.c.appier.net/ Name: _auid
Value: Dd7rY3YWBPKKMU9mt3GBZQ
.hinet.net/ Name: uuid
Value: cb19cead-7983-401e-85f6-6f401482e2d0
.holmesmind.com/ Name: fcm
Value: 1
.holmesmind.com/ Name: Vision
Value: 20231219-23:59,20231219-21,20231219-21,20231219-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 512173-8BPc4iK06Thfu2wTzWDgUt6nYMOFnGsw
.reurl.cc/ Name: __htid
Value: cb19cead-7983-401e-85f6-6f401482e2d0
.reurl.cc/ Name: _ht_em
Value: 1
.lndata.com/ Name: admckid
Value: 2312191834311109437
.criteo.com/ Name: uid
Value: 285b7c1d-d66e-47d2-bd2d-9b08ae839b58
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: truvid_protected
Value: {"val":"f","level":0,"geo":"JP","timestamp":1702982073}
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.send.microad.jp/ Name: TR
Value: 64e6d9af0fa24d859b7669ca51a67ad66f73a8e06c05faad
.casalemedia.com/ Name: CMID
Value: ZYFxuePqVg3LzPTvx101aQAA
.casalemedia.com/ Name: CMPS
Value: 5457
.casalemedia.com/ Name: CMPRO
Value: 5457
.doubleclick.net/ Name: APC
Value: AfxxVi5avVDU9opVXOXOB6qif6DxyZzlPP_PIlf8uPlxclixXxEETw
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=58315410498841"
.doubleclick.net/ Name: ar_debug
Value: 1
.ctnsnet.com/ Name: gid_CAESEPYd5u3hV-45aTCKmT9PBFI
Value: 1
.ctnsnet.com/ Name: cid_4ca8bb7df4444cde968a8aec71984284
Value: 1
.bidswitch.net/ Name: tuuid
Value: fa2bf044-b486-4074-833f-b7d4c45cc3ec
.bidswitch.net/ Name: c
Value: 1702982073
.bidswitch.net/ Name: tuuid_lu
Value: 1702982073
pool.admedo.com/ Name: tuuid
Value: 3742a8a1-4200-456d-a7f7-319ef47d7fe7
pool.admedo.com/ Name: c
Value: 1702982074
pool.admedo.com/ Name: tuuid_lu
Value: 1702982074
.linkedin.com/ Name: bcookie
Value: "v=2&952a13fd-2766-48ed-8648-eaffe1012fb9"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3083:u=1:x=1:i=1702982074:t=1703068474:v=2:sig=AQHs_c-gEnZ0CET5fVqZtSccGYHKKKoU"
.dotomi.com/ Name: DotomiTest
Value: 1e6967f065522a3
.flashtalking.com/ Name: _D9J
Value: 905ae36601df40d19eaf4747172e4850
.mediago.io/ Name: __mguid_
Value: f5ef61caa8989bd923yo3f00lqc7k2fp
.reurl.cc/ Name: _ht_50ef57
Value: 1
.id5-sync.com/ Name: id5
Value: 637af096-6f3f-7da5-9078-795e37c955f3#1702982075069#2
.id5-sync.com/ Name: 3pi
Value:
.reurl.cc/ Name: cto_bundle
Value: bmuB8V96aHVBOWtzdlJnNHJudTdlMjNSWmk1YlRuTFZjMXczZFdjWTlEYWlxM2w1RnNQWVI2Q3dneTFHcEFhNUthOHE1WjlwTllLSHBVbXlSMmpjdGljVG1JWU5vRU53YmRGd2hrUDVCNmQ5ODJIVyUyQnFFNGxlS0xxUVBia3hwQkx3JTJCVHF1N0ElMkI4NmRqWmRONXpqNURnOCUyRmsxUSUzRCUzRA

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26bc98c029eb89f7f47928e20f90a40e.safeframe.googlesyndication.com
3a543dc8c57038aaec160c3d12fb9de6.safeframe.googlesyndication.com
6e203983f9c0fdaa201c943a45c0abb9.safeframe.googlesyndication.com
87f9374de54e38ddc657f0a6c02c6cfb.safeframe.googlesyndication.com
93e316ec37e4979788aed6448b0f2244.safeframe.googlesyndication.com
96750eab0c92258c068af394b6600929.safeframe.googlesyndication.com
9773af2ccec3483e4ae1d512b685dda5.safeframe.googlesyndication.com
ad-events.flashtalking.com
ad.doubleclick.net
ad.holmesmind.com
ad2.apx.appier.net
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
analytics.google.com
anymind360.com
asset.re-news.tw
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cb19cead-7983-401e-85f6-6f401482e2d0.t.ssp.hinet.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.flashtalking.com
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
d9.flashtalking.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
e36a608567ca68ccf16afddceeb24ff5.safeframe.googlesyndication.com
fcm.holmesmind.com
fcm2.holmesmind.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
hb.aralego.com
id5-sync.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pool.admedo.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.ads.linkedin.com
re-news.tw
reurl.cc
rt.ad-score.com
s-cs.send.microad.jp
s.trvdp.com
scontent-iad3-1.xx.fbcdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
sync.inmobi.com
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.rayskyinvest.com
x.bidswitch.net
scontent-iad3-1.xx.fbcdn.net
www.facebook.com
103.132.192.30
104.18.36.155
116.50.36.71
124.146.153.165
13.225.183.98
13.35.49.78
141.95.33.120
142.250.207.34
142.251.222.6
143.204.86.126
143.204.86.129
151.101.1.55
172.104.70.67
172.64.152.89
18.172.52.51
18.182.103.101
18.65.185.12
18.65.185.71
182.161.74.11
192.0.78.187
192.0.78.24
20.127.253.7
2001:4860:4802:36::181
202.233.84.8
203.75.214.136
209.58.168.56
210.59.219.34
23.195.84.51
23.35.112.238
2404:6800:4004:801::2002
2404:6800:4004:811::2002
2404:6800:4004:811::2003
2404:6800:4004:813::2001
2404:6800:4004:818::2004
2404:6800:4004:81c::2001
2404:6800:4004:821::200e
2404:6800:4004:822::2002
2404:6800:4004:824::2008
2404:6800:4004:825::2001
2404:6800:4008:c13::9c
2404:6800:400a:813::2002
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2600:140b:a00:e::b81d:8cd4
2600:9000:20c4:6000:1e:5c56:d400:93a1
2600:9000:20e4:1600:0:e06c:e940:93a1
2606:4700:3034::ac43:961f
2606:4700::6811:efc2
2620:1ec:21::14
2a02:fa8:c411:13::1370
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:400::485
3.115.150.138
3.24.107.100
34.102.146.192
34.117.23.234
34.120.135.53
34.149.43.113
34.149.98.30
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.185.136.122
35.186.193.173
35.190.36.98
35.201.76.93
35.208.216.174
35.208.249.213
35.213.12.39
35.227.249.156
35.244.153.44
35.244.159.8
35.244.196.223
35.71.131.137
35.76.193.82
51.79.154.9
52.194.85.18
52.68.5.49
52.74.215.70
61.216.47.122
99.84.133.60
0235afa7eadb75ccad0acfeb7546fc0245fdf1d6f813677d9ed0bfe02dd3070a
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89
0604f2e9569e74bfc45735ded6c826cf6d96a037c9c72e6390cb698b2b8ff9de
07d1957679cd8f76d9917f8a32d824d6e368993a8e1550c2bcd79cd341b98a39
0889dd0aaaf525d73cb30d2da22b5c14854544f79c8a947a8362d765ef7bc9a2
08c3a4502078b574260869c3dec2f3505db4f05b216adc5dd1f7c5d8c46ddd83
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d48f9eb676fc877f0b9d753cfecfe75dc641a27fdd71d8ed86e6e0091d9ae5d
0e5a11692c77bbf720d6781cb2620ee78c960e8bb9d68d140010c982939be8e4
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
10707c1987c2d6abacf5140d5c82d73f302fd8dcd1091bb2c6f1f30ebe7b321e
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17dba7b542bd3d2e89991d4832fe137ac66848b9ac72da723048bdd465d9629d
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1e88d5a6b957bcb76a26bf58e00977f577a32614f5aa55b6b2dc89c100a685de
22adb749e11c231f70329869335b75115bae99043c5b169d243029763bae954f
2483c45bb3827712e15ed54ad8fbbd8e9380a505ee2d1183e29bab4f4b9ad5ad
25b302d03c63d0aefbf9146bdae56e279c74730a881d474fae50de0283ad3fcb
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840
2736987e98de6fc58654107cbf827e6dee07c75ca0814b7638ce694b30ec26d3
285345486b3f5c8634d0aa3b7fc156c877ae4235cd1d395b1fabc0d0822b5317
28a42b672d5972d093d02e3a99c533147eb02ac6684f10715c4e95782a50f904
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2d42828724b419076c49f2f79617e9ff578e5c605f527e53d56a2d1ee6074c9d
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2fc323f625ab36d0be4935f697e61db3883b7cf400c50c4b3e3ee1a1be6952e2
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
307797f36b7db4d922358a5e50787a2f9d71f7920909f67624bcce71ed710b29
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
331c345785b38fa659cf2625e392e2103b1d0b19d8651fd036b5d5d0e46074e6
33e447c54781f2c76bc0526302b3b5e306bda7b2f48437992ed45480ddd9706d
353b802475ea4a2e76926cdf15dfc6363c09126b127e253ca8806120ff5fe85b
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3710b0d9c94d8e08c0b4b3396b1e1139a0e420aa7b872fa0645b3cf57b21080b
372e3a6ccf4db838ce71fc2958e7243c2fc00f939e6727d32810581cf5fee54a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
395025577c81834c44a41a14e1b46d88ad8b5c8f9cbaccb60f1bb5e30b367d79
3a0256ca92a7903535874b9dd14a0b741595b459622de4956b8c702a244c7894
3c5edf622ec05e0b57957cb3073bd2b422a535234b26e9d6697f2cda4fd1e747
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40e07b1603102c3c15c99ddeeab5db0148da8d6a85da1ea14f3c97dcd68387b3
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
458de00c44027ecfe980ba5915c6b8d458ff5d7c47a53de93db3ad85b87a4e32
4651e922a51a43a2ccd41fada89c6278437f8e136450ea8c57fa85f56d1db950
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
481f37e94c1ce65b5075077940de8347f3df64e97dea621a6e06d7c0c91381ef
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4c0fab9f692280103f0094e39d80478fa6b5d314d039d5ebe2eacbd9068d27c0
4cec6c405047fb869086cb403f760805d3db3df1fb457557c24e5c376bcc7904
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5585f4a29767dd31fbe68ea10a0fc4db6ca5e82b3b8d76535ae131c5ac77f7f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
571cca2711b8b8a2c1d198efb45c2a05b24e3f356983cfb5eca706b4412055a3
58b5a248d9866b5b7819700a9ca95583f7e1e17e0bd5a4667ec4bbdbfee48406
5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
5f8de7cee98aac8df37124af2410ddfc2666f8a7726c23fc9133e5dbc39e9110
600c612f4248fc7e273b43e22c1d0bec2cc7ac798548e3e4c569f463f2dc919e
607c4bc926857521356a4e0c02cd2527a471f77f29776cd43dd788eefd543f12
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6215cea030001547475bd19ec624e50c85af367309e115d7813ae4eaff664d32
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
6488a34da520b9672703e366a04e1bd3dacd0abd45906806234e60c7f238e1ed
66612ef55fe31efc360ff2955105c099cc366108e0d69246f98913273638d5a7
679191a875613f7b133fdbe9230c9ed5c54d725ed7ee4dc27345fbef219b0472
687ecc6bf7e06bf2d92681b39bdba2e37cb7a98a021f8d42407f6b90065384d0
69b2eb9985d5a303880bb7ac718a098a620d5f5fede854cdb9fc4f9ebe7a4468
6bd354fbba337f6185fae125fb1a2623f0ffdcd2d18e42b665296a5ea4d0d72c
6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339
6ddabdc98a098a5ede4fa799fe44f0f4e78a9bac4dba7a31ab87d67d8ceacfbf
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
70d53414d47eb3995c018b4e2741e724229af73f4954bf0b4fd5d721ab5ff95c
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
729c4aac8b369958b04f2ce0d6b207c7811253bcb87ccc3f1599fa4e6d2c414d
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
76728ccbb8a6289c9db4c2e0e9a088f5e99e6906aa220dba0a4f7e37e04ae28e
78541a95d045825b506c33ca11e261a449d69c72e7785e6ce2ccd23232b7426c
7cbfaf24bcfb89bd4a1da90004119abe93e6c9f6129d66a4f930dec680fd85e4
7d547d0218f5d9b1afd55fa28abca9d9d4a93b2c7910ac83a86874819c1268b8
7db2c5e729ac2b09b0b1fb3174bd014d519a46ccdf162b6c95cc99777d0b982f
815feb5a3c616eecf145c2d70b428bd7f93854b19bd745bf8d0e91e1f24fd26b
81d6e6dd2fe3eecda65c0df4e6ac3e97bc2fc84d06059d844f4d4365e7ef51aa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84116202713b2f498f520f35ae21b36978f79a3d8b41e9f87ea0e69c1ff48177
87808cf53f422c44fe640da8299935bff9b6037ccda83589ca7e32a3339203fb
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8a18a24a8c0f3ecb23481ca12a1ec1f727977f33c17a8232d9c392793d87835f
8a4a94f826becc5d969ae564ab8fed248dcbe980ca7d1cbe25e120d279f2dccc
8a8334a1ca1e49b8959cb62bc45c40428bcba71c7f9b78c489c433439225812f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
92691cb0fb6e2a3b3c4e410e2a4d7963c143e8f86cd8052c19c1f29d2b7d342f
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
96925fcf3f2e756c4ca746bea5edcf726bd05ae282e0ae4260753d62521536e8
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
984d528a4b605f800118b935c5de5dcf0dacfadd8367fbe1cc6dc59b556043c4
992767cbed53ffaff872d65f4dd910343fa5baf04f3efc52b37afdb764cb2d06
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a2a214081e1f3ea56cc068ad53949224dc0bf812231321efbad123cd56e60a2a
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a6853ed0a1b575cd7a051081a584737626e948c8fc7a0caca6af76f1174cbb3e
a700694bd3a98912d02c1346736173982a3724839af1cb274f2003a5b09405df
a7c0a594eacc0e47f79008f0672f7d233d1d978bc4dcb9387653be7f81075836
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa20ef7b35f175e803e93177a2f1ab682ec76f12c77a6fbd661ec9ba97eb8fff
ac773db03b84a9c8c236fc94ea31138fa9989c7e83caeabc5ace5c01fafa7e87
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee5a5874e68776e52e9c05f282cdcd13f3202c405bf6df6494df0d21dd30618
af0be405379be94a32ae12315afeb948ebfac6a014b6e223df5d69ddf1cfd0e8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dc6d1ffef8d0317fbf0b08ddd5489312a955994fba348b1d7d9f104f557270
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b5150c2d8be008e41735325a2c448dbf3f9a67133b98c5d990c802649172869e
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b754dd4159676fdc26211645e0f3562ecb9e8e71ccc057faf6717feb0e746cad
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bc8e876f8833abc8dd098a57086fe9b75f2e5e5d5a7e82f23901a64a0a3c64fa
bd3c494f7b0125dd0f6c09188dc95fe48b0a334ec3e02462738869648dcd4ebe
bf08691efcbfd1c6f3d6ae2135300e78817519e37bd4f02bc0251aeb7cbcb3c4
bfdb8ca2c9ccdb14ad4dd8a885e882883b2333f38f87fec17511c03f57975f68
c080f221f569b8a4b7208f300af13ae9fd982454b06a9e4e2e66c79b81a53cdf
c095fd0595e1cd5f3b78dcc04a60403cf94ac140a6a9fe6193c943c086d04fc7
c119fda324eac3005f8f57bbf001fff4effbf4a3dc85dc5fb5622ecd4a516fd8
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c29730e2d866cb3e4fd29e72864d8dc8b2bf1e1924ae66aa908f5ef3f0872c66
c35eb5becf75b291e51475f8bcf8a6decfa624186269fe3e367bb52dc9501c3d
c4afce95eaa02131c84b3112aaeba9504f2de089ecad284c9eee888da049578d
c58c5ddeb5e7fd70c3f884b3fee71b061e93667a2a27b19b4f3eb8a7f613bdf4
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c629b11fffc2bd45366c9b28dffb9cf88b1dab3b51209c13a32acc6b5af9dddc
c7bef7a8983828d0fc3620a87c4bfa2b730c7c9539d06657591f1ae833eb743a
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8b331b2bb22c281a37d29500bf8e4979102a94e4e115136c9ca8cbe420002c1
c8bf9e2d56e0f35eddc816d2a8bb11ebe4643ac29b75539f56607e5bbbe59491
ce1256d7c2c3f7e595a3a45f76896958ea1a2e5330a0c30477f39dce769d41b4
ce741e77e5ee21643105b09f3518a62eaa91cab275d4a35522033f2537ba7d79
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d2c56661ccae843bfd50f6f5326b1ee7ae8c6d0df1d95889522f23466f1d7825
d3462e188d87fa7167330a4d5c811d0ff6299e5502875bf1bb0f1d583a1bd05e
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
db3afc4ceef9700105019a5f3a68a164484c207914071ef0f2d7858d82a6314a
dc6ced6d6bcd5342ac1da4259d1a0dba20c00047aecdeddf937defbf547580c5
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df818772e50bbc32ad845f76cd1299e72443b12c17bdc11e46ee98f8389bb9ca
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
e9ea5e5cc6138687eb5148bbf1e86d9479dfc701065c9a40095d5f8ebd16d27d
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
eb08d350c7ade2b3e4fbc387bf1ca691c923db4a08a592c2f5a189ca944bdec7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec588d73d8d3b6717a12d44a598a96f57b07d5f6294c5524b89cd305d995ade2
ece8465ad5cde29b5ef39e44e8784a7a473d8ceef489e21192185b78783e3a55
edbe0688b0ad4c9407dd263d728e10e8254ffeed2350193e5c7d8d8cfad3a83e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
fab6c3a3d6244fbc90ac6ff183aecbc53564251e1b11a83b84e21b9db7d859cd
fc8d16f784f3a9cc1f878f0f2ab851d076616c5c61f1df8f1e7fc50537b3ce6a
fcc50e617e2dcbb78fc268589ce72df8abc0fa2b758acb1dd0b2375da41af9ca
fd040c9ecba19c1fd24d2b122f916cad05c95b4c9911186e054b70baf91a9a9b