URL: https://reurl.cc/GKjnKp
Submission: On October 16 via manual from JP — Scanned from JP

Summary

This website contacted 62 IPs in 5 countries across 43 domains to perform 310 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 278473.
TLS certificate: Issued by R3 on September 19th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
6 34.149.98.30 396982 (GOOGLE-CL...)
1 151.101.193.55 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
26 2404:6800:400... 15169 (GOOGLE)
5 2a03:2880:f10... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
26 2a03:2880:f00... 32934 (FACEBOOK)
1 99.84.54.2 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.0.78.24 2635 (AUTOMATTIC)
1 2600:9000:26a... 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.185.136.122 15169 (GOOGLE)
1 192.0.78.236 2635 (AUTOMATTIC)
1 34.149.120.3 396982 (GOOGLE-CL...)
2 35.194.205.218 396982 (GOOGLE-CL...)
2 2404:6800:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
13 2406:2600:4::1 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.65.185.16 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
2 7 2404:6800:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 18.139.47.19 16509 (AMAZON-02)
5 34.98.64.218 396982 (GOOGLE-CL...)
15 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
26 2404:6800:400... 15169 (GOOGLE)
36 2600:9000:20e... 16509 (AMAZON-02)
5 2404:6800:400... 15169 (GOOGLE)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 211.120.53.206 4694 (IDCF IDC ...)
2 2 18.65.168.114 16509 (AMAZON-02)
4 5 142.251.42.130 15169 (GOOGLE)
1 18.172.52.51 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
5 10 2406:2600:4::b 55569 (CRITEO-AS...)
1 18.65.185.40 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
4 116.50.36.71 18046 (DONGFONG-...)
5 18.182.220.218 16509 (AMAZON-02)
1 34.95.67.231 396982 (GOOGLE-CL...)
1 35.74.9.151 16509 (AMAZON-02)
9 203.75.214.136 3462 (HINET Dat...)
1 5 35.201.76.93 396982 (GOOGLE-CL...)
8 54.95.179.151 16509 (AMAZON-02)
2 18.65.185.4 16509 (AMAZON-02)
4 103.132.192.30 138552 (RTBHOUSE-...)
4 210.59.219.34 3462 (HINET Dat...)
9 18 35.190.36.98 15169 (GOOGLE)
9 9 172.105.203.31 63949 (AKAMAI-LI...)
5 182.161.74.11 55569 (CRITEO-AS...)
8 2406:2600:4::12 55569 (CRITEO-AS...)
17 2404:6800:400... 15169 (GOOGLE)
1 18.172.31.22 16509 (AMAZON-02)
1 35.208.216.174 19527 (GOOGLE-2)
3 35.227.249.156 15169 (GOOGLE)
310 62
Apex Domain
Subdomains
Transfer
59 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 148155
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 148475
fcm.holmesmind.com — Cisco Umbrella Rank: 178132
fcm2.holmesmind.com — Cisco Umbrella Rank: 184333
c.holmesmind.com — Cisco Umbrella Rank: 117915
adcdn.holmesmind.com — Cisco Umbrella Rank: 154119
ad.holmesmind.com — Cisco Umbrella Rank: 111934
m.holmesmind.com — Cisco Umbrella Rank: 283316
251 KB
47 googlesyndication.com
65fc8088df6115f40a8cfaa155fde678.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
744cdf5eb2e58548a5a3841447c3e2b5.safeframe.googlesyndication.com
478daf98188a8312f1f449755c505cdf.safeframe.googlesyndication.com
58996e0448e9a2b59468d7fc5fbf5b16.safeframe.googlesyndication.com
289 KB
35 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
729 KB
27 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 50390
gocm.c.appier.net — Cisco Umbrella Rank: 2653
8 KB
23 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
bidder.criteo.com — Cisco Umbrella Rank: 895
37 KB
23 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 957
scontent-nrt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 136237
562 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
311 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
182 KB
9 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 75985
14 KB
9 google.com
analytics.google.com — Cisco Umbrella Rank: 178
www.google.com — Cisco Umbrella Rank: 2
3 KB
9 reurl.cc
reurl.cc — Cisco Umbrella Rank: 278473
storage.reurl.cc — Cisco Umbrella Rank: 426555
f.reurl.cc — Cisco Umbrella Rank: 478492
7 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
jp-u.openx.net — Cisco Umbrella Rank: 12438
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
296 KB
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 21122
2 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
27 KB
4 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 87848
672 B
4 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 139120
2 KB
3 gstatic.com
fonts.gstatic.com
50 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 32271
go.trvdp.com — Cisco Umbrella Rank: 29167
s.trvdp.com — Cisco Umbrella Rank: 27427
146 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
139 KB
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 24937
3 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 21057
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
714 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
13 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 22445
515 B
2 re-news.tw
storage.re-news.tw
re-news.tw
31 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
58 KB
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 21514
595 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1247
860 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
5 KB
1 rayskyinvest.com
www.rayskyinvest.com
31 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 883867
25 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 4163
107 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6163
248 KB
1 creditcards.com.tw
creditcards.com.tw
124 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
358 KB
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 17861
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
91 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 18222
39 KB
310 43
Domain Requested by
36 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
26 tpc.googlesyndication.com reurl.cc
securepubads.g.doubleclick.net
cdn.ampproject.org
tpc.googlesyndication.com
26 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
21 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
18 ad2.apx.appier.net 9 redirects reurl.cc
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
reurl.cc
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
static.criteo.net
10 gum.criteo.com 5 redirects static.criteo.net
9 gocm.c.appier.net 9 redirects
9 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
8 bidder.criteo.com static.criteo.net
7 www.google.com 2 redirects reurl.cc
tpc.googlesyndication.com
6 storage.reurl.cc reurl.cc
5 mug.criteo.com reurl.cc
5 c.holmesmind.com 1 redirects cdn.holmesmind.com
5 cm-dev-poc.holmesmind.com cdn.holmesmind.com
5 cm.g.doubleclick.net 4 redirects google-bidout-d.openx.net
5 www.googletagservices.com securepubads.g.doubleclick.net
5 www.facebook.com reurl.cc
static.xx.fbcdn.net
4 prebid.scupio.com cdn.holmesmind.com
4 prebid-asia.creativecdn.com cdn.holmesmind.com
4 ad.holmesmind.com cdn.holmesmind.com
4 adcdn.holmesmind.com cdn.holmesmind.com
4 cm.lndata.com cdn.holmesmind.com
3 m.holmesmind.com cdn.holmesmind.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
3 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 googleads.g.doubleclick.net reurl.cc
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 oajs.openx.net 1 redirects reurl.cc
2 www.google.co.jp reurl.cc
2 analytics.google.com www.googletagmanager.com
2 scontent-nrt1-1.xx.fbcdn.net www.facebook.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 f.reurl.cc storage.reurl.cc
2 cdn.jsdelivr.net reurl.cc
1 58996e0448e9a2b59468d7fc5fbf5b16.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 478daf98188a8312f1f449755c505cdf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 744cdf5eb2e58548a5a3841447c3e2b5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 fcm2.holmesmind.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 tg.socdm.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 65fc8088df6115f40a8cfaa155fde678.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 www.rayskyinvest.com reurl.cc
1 blog.alphaloan.co reurl.cc
1 re-news.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 creditcards.com.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 openfpcdn.io storage.reurl.cc
1 storage.re-news.tw storage.reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
310 73

This site contains links to these domains.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject | Issuer | Validity | Valid
reurl.cc | R3 | 2023-09-19 - 2023-12-18 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
storage.reurl.cc | GTS CA 1D4 | 2023-10-14 - 2024-01-12 | 3 months
anymind360.com | R3 | 2023-08-26 - 2023-11-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-24 - 2023-10-22 | 3 months
storage.re-news.tw | GTS CA 1D4 | 2023-10-08 - 2024-01-06 | 3 months
openfpcdn.io | Amazon RSA 2048 M01 | 2023-01-25 - 2024-02-24 | a year
gbyhn.com.tw | GTS CA 1P5 | 2023-09-22 - 2023-12-21 | 3 months
tls.automattic.com | R3 | 2023-10-07 - 2024-01-05 | 3 months
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-03 - 2024-01-30 | 6 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
*.prnasia.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-08 - 2023-12-08 | a year
re-news.tw | R3 | 2023-08-29 - 2023-11-27 | 3 months
*.rayskyinvest.com | R3 | 2023-09-05 - 2023-12-04 | 3 months
f.reurl.cc | R3 | 2023-09-26 - 2023-12-25 | 3 months
*.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.google.co.jp | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-09 - 2024-01-06 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-06 - 2024-09-30 | a year
oa.openxcdn.net | GTS CA 1D4 | 2023-09-25 - 2023-12-24 | 3 months
invstatic101.creativecdn.com | GTS CA 1D4 | 2023-08-26 - 2023-11-24 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
www.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.openx.net | RapidSSL TLS RSA CA G1 | 2023-08-18 - 2024-08-18 | a year
misc-sni.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2023-05-19 - 2024-06-19 | a year
*.trvdp.com | Amazon RSA 2048 M01 | 2023-07-26 - 2024-08-23 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2023-12-23 | 3 months
*.lndata.com | GeoTrust RSA CA 2018 | 2022-11-23 - 2023-12-24 | a year
*.t.ssp.hinet.net |  | 2023-04-06 - 2024-04-06 | a year
*.truvidplayer.com | Amazon RSA 2048 M02 | 2023-01-22 - 2024-02-20 | a year
*.creativecdn.com | RapidSSL TLS RSA CA G1 | 2023-03-29 - 2024-04-28 | a year
*.scupio.com | Sectigo RSA Organization Validation Secure Server CA | 2022-09-26 - 2023-10-27 | a year
*.ad-score.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-02 - 2024-10-03 | a year

This page contains 43 frames:

Primary Page: https://reurl.cc/GKjnKp
Frame ID: D810FC187BDD1C38F57A833B168B856A
Requests: 53 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: A04650719438FD7C58325B916881C37A
Requests: 30 HTTP requests in this frame

Frame: https://65fc8088df6115f40a8cfaa155fde678.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B2F90D6546F93EB307F65AE493CEF09
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 50D2C747395D415908C365F2F36C4997
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 09042A62FBE7D47C8483A3E43E154585
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 78C244C90702E2AC440BD60BA9E75E9D
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn0LDMjnO06QTf0bCC9ZyDm12kMJXLszCU2usrhYX1nVudTOPp6zEqmjqp7669Y5xfiXPRhKcFJ6W1d5aVtGCPUObwCUf0lj9YkEk7eeZqy5108uQEDDMYhEyIPhnOloXT_lCj_0NeVzqXKkprOrCyT_2lyW_Tp1gKH_XoZqU55iEnVASA2eVEK1XcQm-64RnZb7AlCbabcN4vVm7E5VNsiYLeo31wztFHkywyNgG3AohctzYvU9Wi62jaO2VNLlfs5YMZL0S9R15E_vzeFjDsl_BmAxJKz31GOzjMAiDRXudbUsGXCvNNKPStNs8fyU5TMTSssywroq82OY1bATv3EaXfQ--9NFImj9_RU6GYSdSWzWKOsXEKnkB99fYs&sai=AMfl-YTf9edVhvRLNBA_Ld7QITxEEKfCIlLQcW0ISdCiCXfdj0ocGf0biQ71lwruBu8OCCtNrsf72YDmRhNrRFP-Q4Q3IEaPCQ6Y7H7fBHqTYJSAdpYQoU5Hr_Awpf8yyhWLiJYrNysE3-gdbl74KrXR&sig=Cg0ArKJSzPFJ5JjSZYPmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2C0D68FF132086F14F372E5043EEF8D2
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 93CF973783C311253AB9A8D3EFF67CCE
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1oSjpfaAYxbl-TAsCwz7TW9ZxI3XSXM4nVK8-x5yAZeW4EuHYhGBp52fREJTiMcMYXgHFl31-jtHxcx2-s6-dkFwgbVQkdxzmvtn21YDas7dL-HRmWkSOqwriwMZiWsv3FJl0tGnkJsrx_QsW06RrNBsuBnr73Dx7JlfUSATXj6qpGIsDsuV8KqtmadHfKxaA1p0MxXstmc5h7WXus0m3RYPCOZ7lwy1gG0kqGqlt4DsiLxbFYzA8Xmq0VSdQfcnWsTMvIBH7wzVhlDRVzJ4tQZAVQ4AaN09XUPhNqTkAImcRzbjRmC4-KcRumzzOMgCEtaD_quHm-tcS7jsEGL5C00CNxIHzykHzrQGSxKkbhnB1OytQcPR2Ao&sai=AMfl-YRH9r67tguWcVXYovDDTbimLHNiEZitfEdMR9GahCkdm9PgXtt7YsMHhWNV8ivM1O1O1SY_rflB7QydV57xixVCkf8uZpEWWN7XyAHQXV03oy39MFH6bIbiurE0ZqizxNgWm8UzdqfBLLmogqMZ&sig=Cg0ArKJSzBuEZnI7bh35EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D731C33218ECEDF930345291CA95DEDC
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: E1D5EE738ED77C2AD1949F90864B56AC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3C559D45B32936C109B0DB03186D0C9C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 29FF69311E1870932D60FCB3737BCFA4
Requests: 21 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: D6C0A78C5687D197B7EB1FC333597B28
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 9FCCF05C9F655E4F5BE573806E713FF2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B553512825EB47537505E09EF53A236B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F11296355D32B653614F458DE71B727
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 7CE856B28745FD583E9D1F5DB0B3932C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EAA1F3FD5D610D9EC8E3D859382469C6
Requests: 6 HTTP requests in this frame

Frame: https://744cdf5eb2e58548a5a3841447c3e2b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: C9B3DA93EB32E73CD7353755E8B29213
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E232E4FAC450A1961D2E73D47420E3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C9AA3E6480CDB1D3DE09905497FE426E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvOV1Z_0hDDYbA0X8949rDt-gCtpk301ZmZ6KIqI9ANqqiLQoJCLLEE8tVfIP49FLiNDexT0trmxjxgkCwY4txJIUt6WTgyDaNs3scWw9M4kmPYT1ayfrMn3abjXCQi3kJegSMYOOXqlxdC4U3EARWN6a-f3kUhR7p6OWWbj_xNJwcp-jAWbuBnBhTMG9dBu4SuC5KYT906vWo54Qguyxx3SlKY1fHpHVcYUrMJW8N8BV59AJ7IDn9Rwrv6A5wepv71A5aN8jPrtSF3UnE6E_FnwATFhFHS_VmsoTKroxALt6-DXFoeosmPgNKh8GlCM4JsDwgnDL1OCIGqyX8ZWwr_V9k-3blNjdPRQrfygluV5WzTXDDiRkMIG61zg9YiC7EjJvm31c&sai=AMfl-YTz-ta9S3yPtaHtYHEeLmaAY5Zt4aTn5RUVlw9Pk3M0XnaOssuGGxdO0dRiJGh_KTKyw0_mQjnLODGafI54KI_qajN6cUxZtA-CxWT2Pfyw9aJ4czjFKu5r46uta3o&sig=Cg0ArKJSzFoG07PRL-mdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F07FE557152D980C3E69851AAA709E4B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Frame ID: 78A12012B41650209F6F40387718AA42
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: AF0FDB789234B17176DAA71EBD2575D4
Requests: 21 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.827/prtct.php?val=f&geo=JP&timestamp=1697421523&level=0
Frame ID: FC35F3149645FC07B82750B6C2AC5AF6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 3E05D0BB3A5C7601BA358D3875D18230
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0FFD3CC32DBE32D2E5BFBE6F0E75938A
Requests: 6 HTTP requests in this frame

Frame: https://478daf98188a8312f1f449755c505cdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: F167E8EFC004F2EB99B189BC036B0BF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7558FDADBBDAE7B885DF30A8D2DF6E80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F34318ECB6755A1EAC6D479AA830C3B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste100xLvFULbv9Hu4HUZMarfuS4p-65b1zRFidBQTB9BwTZLPVBFULTq81GrMzVM600WcmBmrXmp2CfMhCNa5axtjNMOtDB4NFejKirUOq3OK4H6gv0aIV6ijDj4Xyt-L-k35TvgmDMr6NCBRMgO5Ry56xJanw20KNHq8uHLtphsYhuMZSm-zbMqBEIRkbijeBbr3Ow6NRXvAHeCnCksDXHhxzcXi5fHTki4lWHAop95mtFE1JPTftDv8oImA2hkbuewh1ws2Z_iNqrV38k1_V-JPTfa_gmuVJwZkntgtp7gNsamDnHnyUwNP0WQdSJArJcEfO5qPLTnq4ZQ9udQtJCOMQIr7kTy0V4TYnnul7ZacklOmUvtgzFw8r9SdC7pu6CfW9TjY&sai=AMfl-YQ_-4XC8hv4MKRib7uosohSZLUbj3y1yYFLHxz56g77yYuiKLV2zk0NYJgL5CVHJsGbCropqSkpQRhc2b1vup1C_Vgpn-Mx_eqEBOSTt8MQO_e2w5tTHSY5GyCO64U&sig=Cg0ArKJSzB2nyDydW9AvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6C1BCDB38E5B82BD8554B4492A70F3CD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Frame ID: 7C6374B47274F54629D111C2EB3A5992
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: E6A552BFA11D4C54D0D49CCE6A2DD819
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 6B3194AFE9FB6065E236FCC8F0B8E282
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 14FA7D2EC83B3FF19350AF45DBE8E5CB
Requests: 6 HTTP requests in this frame

Frame: https://58996e0448e9a2b59468d7fc5fbf5b16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=9
Frame ID: 7AB6A8167CA130C5C1CBDAFDE85574AA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnPZv9AvbSqJXhZ3TW9Y5-8OyFDNLA8fNLr-9k7qz7T-vSjhIz7HNZVtZzkSPUmc-P0Z2EMl1gUyIB8AplClxrIL2PvV_7y5pt44z56Hgom8xbeFR_J2dmAy6xJEACvzvU4EtTZPJpUTeosyRJ7FEKLvoCr0l00ZDABREqzd5Usu1cL2c5_F3XFSRRzdR0ATtJjnjlBF6LYIkL6hv_QyHBhwhVG38q9oVsQQy4W5ol7QGjSK9amE7rsvgE1OBgb5lPaXi_ryQKQJ6GWwUnANoRqw9bRnYu2xTudMQyLUymabjeUXWh6J9VJvIeVfATtd77wMiSet0v6NfxEjQ23qziu5m88eQ5eOI00xowBkp9VDX0HGBjzLe8pMYTM7sNp0gEtIvCMEo&sai=AMfl-YRMv8SA7oqiKWGl-FXHwItqRUN1ESrsVz99RhtTQjmZFz5Nm6Fj4qUq2NASoh7MAG8RspU-nAzKxOElWOkjLYIzvUuzanDGKyERF2K1vzvsx6dbYHXfEFrnPwfUSrc&sig=Cg0ArKJSzME7YamwiV_SEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1A06F09BDB582EB77EF1BB1A3A17DD3B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Frame ID: 30249C208F6BFDF0DB3519F2D42B3D90
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 7D75A7139998DFA265CDC8CB808883DE
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9936B5B05A72003F27925B5A689F7FCD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD4A2FE51F776DC17A8A442C753C652F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 987165C1567A6E044913758367B99727
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: ED1243C249EB44CBE893C3F8DE069246
Requests: 1 HTTP requests in this frame

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 310
HTTPS: 91 %
IPv6: 38 %
Domains: 43
Subdomains: 73
IPs: 62
Countries: 5
Transfer: 4408 kB
Size: 10973 kB
Cookies: 45

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FGKjnKp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FGKjnKp&rid=esp&cc=1
Request Chain 108
  • https://match.adsrvr.org/track/cmf/openx?oxid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d9112e13-d4e9-4d5e-a1db-1cdf11a04a6d&ttd_puid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0&gdpr_consent=
Request Chain 109
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyY0MCo5s4AAOI5uIoAAAAA
Request Chain 110
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbbpdZYw65Qoks8AD7P30QcI1s8AAAGLNjTwWg
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcHojsvO4vd6Um3oU2rgUU&google_cver=1
Request Chain 124
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 125
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 132
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 157
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=NyvkTBtoCo2wVlg-0ZgsZQ
Request Chain 158
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 161
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=o-nYx3xFVnp5RnB1ZlAzMm1QZWRzeUJnU0JkRUFKZTVueGdER1VtZm5SQWhaYmdidTZuYmd2ZThmakF4MWQyVXhienR6UHQ3TFBEZkN1VHJiWUFadzMxN2xlNWdBTTAzdnFaMTdjQWQ4M0N6bDNkV3YxWXpQdk5LelkvdGVXU0lMTXBwbWYydEtoN2ozQWgwc2d6WE9LbTV6eldtbjlTYVdLVlRPMktaTHNhbW5rKy9pOGt0czMydEhIUHBHQVMyV1hwZG5jbi9EcUYwZ2MzSnhkd3RoY3dnRWIwaVZGajFPbngyZThUdURhMDhOMUdUQ2lCQWtNL0h0VENZQ0o2TUpXckdnbHgwSmFVK3JoeHV5NHAwYVRNNVM3dz09fA&cppv=2
Request Chain 178
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=UBwmPF9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJR1dOOHY5ZzBnaWVCZlk1akRhaVB0Y0JhYTRZeFV5Sm1FdDVwVkdwWU5qejRYRkJJdW9xazI0bXJmSFRCNDVPcXN2dWZhJTJCN1c3WmRlTXc2eVBXc2JPcnBWc1lpb0Vqc1NUWVg1SHFqUWd2JTJGMGglMkI0M2RaJTJCOW9IaURacnBZQlElMkZBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=10HTBXxJcDliQ04wdzkwZ1hjSzZvdElwM1A0S3c4MjdNUHdtL2twc3RPNnRnUWY1YytieS81eUFLVWRmV3pZdmRQbyt6VEYveFZYdzJPRUlTZUE1ZEtvMm9YOVpDbERra2hFVzhFSGxFeEkvL3JFZkZ2U2NaL2ZUQzduN1BFUFhWL0I4Y2UybWlMb04yUVkrdk1LOVBzeWdXM1VsaFZGb3QranVzQVoxTGVnWFVZQnlxN1lzUmdvNzRQNmN2THRRSkNOYWhVMDcxZksydVpudHBsZ28wL0p0SkxDR3E4WTM1VjZiQzk1T29lUnRLS3VEWlYzRWVNZEZSa2IwOXcyL2c2ZzVvOGdNUGx2bkE5ZDlwcmVGM2ZUWXpTZz09fA&cppv=2
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
Request Chain 213
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 214
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 215
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 227
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=d7kQ4F9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJJTJCM2hielpGNVptTThjMnE4U2VDOEEycDJPck9nNFpCeHMxSWtZcmIwWnFKREs2em1tSEMwM3pHOCUyRmRyS0VDRmtueU1uciUyRkUlMkZhUmIlMkJYMXJWZUglMkZMMXIwQzNtU0xWYWZHeSUyQndwUlFZMzNpSDVCUHhOVHJDZmtNVlBtcjB6QTUlMkJnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PjX7E3wrWFNSWHFlZXBRQWhoSW9sZFJBL3Y1REJjeEZPbXZIMU5zUjh3OUMydGRpdStrTEtCWmdJTGt2Tk0wWlNVZUZSczVvMGJxNlV2VVlSNDk5ZisyQmdUT3l2NjFVVDJTdk95THo4ancyR05abzNwZHZOekU3S1R0c0pvblNYdkZhMHpxc0llVDJ3VWQ2bjFMTlNDc2g5MkZXR3VvbkFIOWoreStucjR3MnlxT2tMNVBHQ2ppREdKWUpBejZ6eWlDZjBBUlAwYUJXQjRpRk1ibTRUNkE3Mk1Pc3BHYklVWDluQ2ZjMTQ2U0NTRTV0YWhnRnRqeXFNSk1DQjR3YUIrL0NwU0RoLy8yYmhTTFU0cG1sR1EvQjNoQT09fA&cppv=2
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
Request Chain 259
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 260
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 269
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=06NSpV9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJR01ySUp1YTVMUk1aeVNCZGpPS3dacGZnS2lsbjF6RCUyQks5dmVsRFFBVHpyRUxzUzM0eFlTT2wlMkJMUWlhcTNvJTJGN3NpdVVvZWUzUkZUeWVMbTRYVmU3RWhseiUyQldVcTEyRlFtT2RIeVJEdHNLWGpJZ0xKZHlnT1pQWFFJZEp6Q1dGUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aKAsKXxmNDVvamhLK0pGZjNzWGhCVXRQL2F5c2x4WTJrdWcwOEQ4ZXJMTU1rUzUvVkRlS1E4WVczaDl3VGRsbnR5RXlFeWhOUnNaZitJM0dUMWNVSllCTkgrRGlFd0xJV0V6aml2OEFhTXdEd3FTUy85WjdxMXVKZ2xzMnNVQi9GQ2JSRkpObmE1NUNIK3pmZHhOeHNzeVRtRGdZN2kreTNjaE5LTE41WDdHM2ZGOThtWmdWQmtrUFFTUmVzQ0xrQlFRRlh0ZTdWYmU5aXhYYi9iWGphSFAzU3ZHeUorcGhreWhqODF0bXlabEFyejRqc2RPVGJueUFtNVpROFZjMTFZQ3JtUkRYL0lQU2llNE4vTGlIUG9uOTJQdz09fA&cppv=2
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
Request Chain 300
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 301
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Request Chain 313
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=6NGOEl9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpMaFNseHNDOE1uNWNqbWoyWld5a2pqbkpPJTJGWUUyNVVDWUE0Q0x2NVdpeHRoR1klMkZ4TkFuTG1QWFcxWjdnblNzbW5UNGZPcGc0YUp5Y2g0a0lLdHpVZWR3QlVZZCUyQklod0dkRnZMeENlTDB2JTJCNmVRRkxVNkp6OXNBTTdUQlNLWGFuUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=agHCEHxzZEMyRXdPZ0EyUnAvYXBHV3VFMUsvd3o3UjR5ODJHbFRkdHRUci9idTdMWHdtUGVKVkxpNFZBVW5Sc1ZiN0dXbmgxWnY4WWYxZU5qUllwaVlpU0VkYUJPSVZxRFFqMDZ4L1hPeUdmMFd3emZ3R3ZUb0l3WERPcUhiRXNldmpTQjhFTmJmcnZIOXdtQ05oN2RiNHVsQzE4a21JTnVHcWZUb0t2bUNWV243YStYVkwxZitYSFRZemNKa09UL1Z5R3hYVGhDU0o4Zyt0VFgxVzhDVytmcWNCcS9IR3RzU01mQmFYNDBHUG5NRkl2d001dzVDODNCTUh6VlFxdElyS2dlcU9RMG9VOFM0Y0s0SFRTazBMTmxLZz09fA&cppv=2

310 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request GKjnKp
reurl.cc/
10 KB
3 KB
Document
General
Full URL
https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
77f9aedb9363c94c5ad4c8ad89025f48bf9afda382c093a7959cead70c08bd05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 01:58:39 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
http://z6b.cn/ywXiP
vary
Accept-Encoding Origin
x-request-id
bcd5ffa1-924e-42ca-a9ce-65a67f013b7b
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 01:58:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
4072925
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700029-NRT
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/
2 KB
1 KB
Stylesheet
General
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:54:14 GMT
content-encoding
gzip
via
1.1 google
age
21866
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
82365f5e-8557-4d7d-8d3c-96ea8b767e37
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/
164 KB
39 KB
Script
General
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
469d4d0f83b5f36bbf22241eff44e58a8a1c54ed9e64f246fab82c8f9a19e8a9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Sun, 15 Oct 2023 11:40:50 GMT
date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51470
x-guploader-uploadid
ADPycdvw9W_L0B4sEZnOmCRMP6OmDI2s3e1XOwrgRedGiV9wlyJOZadSO02uD9-6fsS5zjr3V8ddQjAD9g
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
39127
x-served-by
cache-tyo11954-TYO, cache-nrt-rjtf7700023-NRT
last-modified
Tue, 15 Aug 2023 07:32:57 GMT
server
UploadServer
x-timer
S1697421520.054090,VS0,VE0
etag
"a251cd6d6d1d7b8a30fd3b078f2341e2"
vary
Accept-Encoding
x-goog-generation
1692084777439942
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=nyYt0Q==, md5=olHNbW0de4ow/TsHjyNB4g==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
39127
accept-ranges
bytes
x-cache-hits
710, 35
pixel.js
storage.reurl.cc/javascripts/
429 B
530 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:00:36 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
25084
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
004ed7e5-15f7-4759-b8b1-ae940deae28e
view.js
storage.reurl.cc/javascripts/
355 B
469 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/view.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
fad41bf43b95675bd3f74f2194dcd5efc947245f44f7cf2437b22724fd41159f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:00:36 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Sep 2023 09:16:51 GMT
age
25084
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
355
x-request-id
d83e04c7-5947-4b77-95ca-b3d338d8168d
ga2.js
storage.reurl.cc/javascripts/
536 B
631 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:14:57 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
17023
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
4b1b4022-f3ac-4b3f-94b1-3623ffbc71a6
js
www.googletagmanager.com/gtag/
275 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d2c11ec04c461d9e2756458ceb2bc211bae576d409a68ef9cf7a119a44987f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92820
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 01:58:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
110dda1386a63421ea8c414c9df566440c2b222c218873dd3ef55a5c7d1ba8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29418
x-xss-protection
0
server
cafe
etag
405 / 19646 / 31078805 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:40 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/
84 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 01:58:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
8047565
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700029-NRT
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/
412 B
382 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:35:03 GMT
content-encoding
gzip
via
1.1 google
age
23017
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-request-id
e45af5a2-badd-444e-83ef-67952d81f8f3
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
loading.js
storage.reurl.cc/javascripts/
134 B
253 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 22:27:37 GMT
content-encoding
gzip
via
1.1 google
age
12663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
7ad6897e-c665-4769-9140-53a4ea88aff4
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
page.php
www.facebook.com/plugins/ Frame A046
91 KB
25 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a24a232bc6a7435a817f3acc9d7ddc59be36960865abe353963e44b8223094e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:40 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Y7SyH9ht/UAByYnhT5Q4of/JkryyZ1KXMawBgY6IiqBzycgxTfjw8sv5meyNPdYh6nKD/mPPC0o8NeHDG2WqNQ==
x-xss-protection
0
feeds
storage.re-news.tw/
6 KB
7 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
981a2d0f65f8a9a243fa6b5f597e4219e95e11bbc3da29c2439e46bda4c6df6b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 google
x-powered-by
Express
etag
W/"19c4-TGkIuRn00X/hu8hBwKORZhQ5yB0"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6596
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 01:58:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
9vcqaFWeSqoy2D6f/6hxEpMwxa+xjhhgCVONq93h8s7j6i5ancLOa4KM/ngtgRJZRrCHpdd0lzYXCmCJ+CD6LA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
v3
openfpcdn.io/fingerprintjs/
33 KB
14 KB
Script
General
Full URL
https://openfpcdn.io/fingerprintjs/v3
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/view.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.54.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-54-2.nrt20.r.cloudfront.net
Software
CloudFront /
Resource Hash
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://reurl.cc
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 01:11:27 GMT
via
1.1 a49d1108e42858e6d1c36122e47a7db2.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C3
age
2833
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"hurxpFJ1hzJm8rhSSUCMgpelT2E"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=617939, s-maxage=11101
x-amz-cf-id
jXbp0PleP3XldfnhX7b4BnUUn4wNpCEPjT3CF-JMNNQnk2GRhw8uHg==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 01:30:36 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1684
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 03:30:36 GMT
1696885899-bf4aaf9e4458906299d742e992f6ca7a-773x525.png
img.gbyhn.com.tw/2023/10/
357 KB
358 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2023/10/1696885899-bf4aaf9e4458906299d742e992f6ca7a-773x525.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d942cf03765f0e2d4a9731bf8e75a59480c887b94367adc51ec067ab969d27f6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
534980
alt-svc
h3=":443"; ma=86400
content-length
365230
last-modified
Mon, 09 Oct 2023 21:11:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At3Oa1SZ2Tj5pMxnBVhHW0rwo474j5Di%2B4fkA9SrQApbVjzyE1e%2FMpVZGy3MZZLHSJ6lWtfTnIMv%2FGIAWfy51xbOgcMuzyNm3Y92eMeA7pkOU8%2FJ%2Bm0hVgtZz5pl7TsrOiMexs%2FiVnuF3Oxo6sfv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816cb2b4e93c263f-NRT
expires
Mon, 16 Oct 2023 21:13:53 GMT
%E9%AB%98%E6%95%88%E8%B3%BA-OPENPOINTS-%E6%96%B9%E5%BC%8F%E8%88%87-OPENPOINT-%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%BD%99%E6%95%B4-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2019/12/
123 KB
124 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2019/12/%E9%AB%98%E6%95%88%E8%B3%BA-OPENPOINTS-%E6%96%B9%E5%BC%8F%E8%88%87-OPENPOINT-%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%BD%99%E6%95%B4-1080x630.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fb83c74bb6ecf84215151d23e17e59295e13ac4a2e9b5b90607ac5fbba6d81f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Mon, 22 Jun 2020 07:20:29 GMT
server
nginx
etag
"5ef05bbd-1eda5"
content-type
image/jpeg
accept-ranges
bytes
content-length
126373
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/
248 KB
248 KB
Image
General
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a7:3e00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-bz6ff
date
Fri, 13 Oct 2023 11:18:20 GMT
via
1.1 google, 1.1 27fd527ca41b443697065af9e9b069d0.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT20-P2
age
225620
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
FLO9ohA1t_CatpUUJ9LHZA1UJ5Xv6IQOZOyBoEz-v2WwwwPY0OVOiQ==
content-length
253615
wix-tracer
2WhrxaKwv8p2lJNwgKmnBT7r70v
2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/
107 KB
107 KB
Image
General
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc
HIT nrt 8
date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Oct 2023 09:02:46 GMT
server
nginx
etag
"ab5b506272fb167b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
content-length
109448
expires
Sun, 12 Oct 2025 21:02:46 GMT
Vis_Blanc_Photo.jpg
mma.prnasia.com/media2/2246428/
25 KB
25 KB
Image
General
Full URL
https://mma.prnasia.com/media2/2246428/Vis_Blanc_Photo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
56b4da9549c2ea6db13d6695bd4737d776f9078e0a497e88b30bf9806ad44cf9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
cf-cache-status
HIT
age
64401
x-powered-by
ASP.NET
server-timing
intid;desc=6a578c78136349f8
content-length
25538
cf-bgj
h2pri
last-modified
Sun, 15 Oct 2023 08:04:11 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
816cb2b4eb8980db-NRT
access-control-allow-headers
Content-Type
expires
Sun, 15 Oct 2023 08:04:12 GMT
renews-title1.png
re-news.tw/images/
24 KB
24 KB
Image
General
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/
180 KB
181 KB
Image
General
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Mon, 23 Oct 2023 01:58:40 GMT
ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/
31 KB
31 KB
Image
General
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.149.120.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.120.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Mon, 16 Oct 2023 01:58:40 GMT
expires
Mon, 14 Oct 2024 23:49:37 GMT
last-modified
Thu, 30 Mar 2023 16:44:53 GMT
server
nginx
etag
"6425bc85-7a08"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31240
x-cdn-c
all
x-sg-cdn
1
1675200226052423
connect.facebook.net/signals/config/
125 KB
33 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.134&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7910dae21c955c7fc7bcf9a9e3569b9a79870cd360260f48332d893cc11a4a6e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 01:58:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33669
x-xss-protection
0
pragma
public
x-fb-debug
qpG8/c+Y0U3ETRyoy7y1pa+uSNeZz4tAIX7/0/DHvf4FHyZh/oKJEnsUIpKD488jFTTCmESwQSsWSTuML34GkA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
count
f.reurl.cc/v1/
0
158 B
XHR
General
Full URL
https://f.reurl.cc/v1/count
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/view.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.205.218 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.205.194.35.bc.googleusercontent.com
Software
nginx/1.25.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:40 GMT
server
nginx/1.25.2
access-control-allow-headers
Content-Type, User-Agent
content-length
0
access-control-allow-methods
POST, OPTIONS
count
f.reurl.cc/v1/ Frame
0
0
Preflight
General
Full URL
https://f.reurl.cc/v1/count
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.194.205.218 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.205.194.35.bc.googleusercontent.com
Software
nginx/1.25.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://reurl.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, User-Agent
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://reurl.cc
content-length
0
date
Mon, 16 Oct 2023 01:58:40 GMT
server
nginx/1.25.2
collect
www.google-analytics.com/j/
4 B
142 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2012606512&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FGKjnKp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=879135921&gjid=233103261&cid=2126258022.1697421520&tid=UA-102456694-1&_gid=298493848.1697421520&_r=1&_slc=1&z=2035554247
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2012606512&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FGKjnKp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNjg&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=2126258022.1697421520&tid=UA-102456694-1&_gid=298493848.1697421520&z=482592075
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 04:42:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76596
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1697421520203&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=28&fbp=fb.1.1697421520200.1966315615&cs_est=true&pm=1&hrl=a6fb0f&ler=empty&it=1697421520145&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 16 Oct 2023 01:58:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 15:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
37315
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134786
x-xss-protection
0
server
cafe
etag
13749274744457858240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:36:45 GMT
collect
stats.g.doubleclick.net/j/
7 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=2126258022.1697421520&jid=879135921&gjid=233103261&_gid=298493848.1697421520&_u=IEBAAEAAAAAAACAAI~&z=1513157063
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c00::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd-5F3qQopr.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/1,cross/ Frame A046
20 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/1,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
622cba8c8c72e5862aa0873fbdec81452071fffbc730899bb59540fe6db8376b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HrpfSMPqPP45YMhWsnm5TA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5358
x-fb-debug
QNl1okNiqf3NRLbcgfa+v5VUiPa8G9XFTV+ACAVOR1cQT1Rhhbdgqanw9js/YlHTROC1jyvH/bpctQp57mf/zA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:31:23 GMT
-5Y6dYubcWv.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/ Frame A046
34 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/-5Y6dYubcWv.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64e8ff4e132cc584171632ce26ac5512a6d95d59a87e20dcb2d9f718ae966d82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/RUYOJQ+A9nnkkiuTQcvBA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6590
x-fb-debug
rpZDnmz8c3mQ9+t2ulxKSWKuz3pVddEnaDuf24ao6/pzKIQVCpGlEPlXOHaFL9dCufR2KD0tyYLD5DiqIWaHuQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:11:48 GMT
MNqA_sv_DFL.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/1,cross/ Frame A046
22 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/1,cross/MNqA_sv_DFL.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
934bea02bb040ce07c8049792b27a09f159157e9cc4f36edb97a825e985992ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PcyvX1TbP9clx0tFCanjLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5080
x-fb-debug
wU2mtUfOCwznI8zctFeWjNtG7kZsh0f+bwaJngsZQKZwQN2WfL+4/SYPY60MkEPTP9j755+tavrVvH6jaBXoEg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:34:54 GMT
CxzjCMQABR5.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame A046
318 KB
85 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56e687887be4c418115fa34b4e7c8466f16ffce4ba5678efd915e69af36b1310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hWToMjMFp+0BKau02ycvOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86659
x-fb-debug
jyuvPSCMsXC6TkobNb+2PjlFaiCYDJwpZjVPVX5W7qRYhJFwwQSAznnw1/l9Qbd9u9GEeue3ziQ5M3jQ+9uF9A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 12 Oct 2024 23:30:12 GMT
Zf4fbeAxpoV.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame A046
95 KB
27 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/Zf4fbeAxpoV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
441e18180227e61d32c049dcf2b01109eb0d1e83f9c1335e0c25448cddc59fcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rWDLj12cLbPgKMqKTmHI2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27873
x-fb-debug
xxFCCjiTRqhqDB6gdlqDyLQIcRq8xa2syW+yGW4aEaW9S6SvET9Aak92+ixXqh5X62fx3Ho9tDNLZaKTZC9S8Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:48:13 GMT
B6mAd5gypzO.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame A046
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/B6mAd5gypzO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69ce44c850d3728d53a284cdc8a06a6afc745bd5462095e8ba5a6bb0f464ee8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W/4zPDc5e10tqG6oIdpSHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1699
x-fb-debug
WZlPc1CIzEeUxjMWtQZTrTou/iRei2Wy0+H84x90u72tSU0Aq8FvebsVsx5XWw74Hd+r/CUPi7OUlZnGQBis3w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 07 Oct 2024 18:19:08 GMT
912RZYp40qA.js
static.xx.fbcdn.net/rsrc.php/v3iFvO4/yK/l/zh_HK/ Frame A046
237 KB
66 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFvO4/yK/l/zh_HK/912RZYp40qA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f69e010b824195c77d69d66c690d07908e53e8403044250b3d500a4aa1cfdc68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IhpBOxjd3VH817X8nA/TxA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67697
x-fb-debug
AEv5inUBfuR/SEACnAPfR1CEqOs6kt3KKfXhpfahR8AxOr9TwadVIz5WKC5749W84b8U2/RKyX/D+pKN3ESSJw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 18:19:40 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame A046
507 B
486 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
He+dJnwy8OViVGhlu0UmGmujMTkbP10s9N2sTNpjFKfekW0aWRYq4629dwd+QLrlvAGDdhCL4t59Bj7TecEjBA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 02 Oct 2024 20:31:47 GMT
vB89aqKLrm-.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yK/l/zh_HK/ Frame A046
102 KB
29 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yK/l/zh_HK/vB89aqKLrm-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
909dc16db44609b043936045a28689c5dbcab37664b59492c3f3002da3114aa8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PT50KpM1fnVaNl5lKQJUGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30000
x-fb-debug
R+BgjYC4JmMPyUW1o1R7KBfxSnS3MOOqgUDl1sZaTepKijDMBYzIBQ2cBoSRZ7B59RBuZk70k7QIJkgTdTSg8Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 18:19:40 GMT
rXFBesZmvW_.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame A046
49 KB
14 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/rXFBesZmvW_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb7fe7b68be275514b92d236b01a17bc5d2d4545bf20422cd91797402d6c5893
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3g7eyouJi03MIUYxO80Trg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13823
x-fb-debug
R4uRZtyK1XiMQz/81JNdEww59jubkuydm5/WIoIG9u85RfK4vbrNkre7VmNiANcBuJ+o0Lyh8D5tXGCd6rN0sg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 07 Oct 2024 18:21:58 GMT
4f5G48nbOFO.js
static.xx.fbcdn.net/rsrc.php/v3iSoA4/yC/l/zh_HK/ Frame A046
343 KB
81 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iSoA4/yC/l/zh_HK/4f5G48nbOFO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8452faae3cc4427bbabe13c15effe89b5f74600439456b6de7bee501dcf9ace4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sm8i95/eaC+C9WhoL4GIjA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82692
x-fb-debug
jF45n2w/E3CUMdvaPj9PslOHgE0v9aZ727XWH+tDkl4KDtrJwGAYrU3Nomtn9x6ikb08dcx2HKEn11ZlbDU8gg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 18:19:40 GMT
I1ffYjE4inp.js
static.xx.fbcdn.net/rsrc.php/v3iZor4/y4/l/zh_HK/ Frame A046
393 KB
93 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iZor4/y4/l/zh_HK/I1ffYjE4inp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46d5491aba85d4a5ba7d28a2aef81ce76349800c54cf6f5909bb4620fec770d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ts5aywM8Ig0lkVC8LPLiEA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94580
x-fb-debug
w+ssEoOs30EFZsslICQskqLw1tlDcRX7uVYv+OdMpbm1Jv2sdzK8ZRN/NqKKL2n10+EkO0C31VEmGq/OeTpI+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 18:19:40 GMT
bx2eyYMDZJl.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame A046
29 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/bx2eyYMDZJl.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7cc026e77db99baed94299cd918459abd5ed75961f32a638baa09029b7edaec1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7ZHxRrX4s3sc40g04xwOYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9643
x-fb-debug
6JxCnC46bApp29CVEog9x5sVUZrLWQdcuRx04YkSBvCe/ll17iCGXzbJkOf1TyY/JCF241Ru4sGjWwtU7pXAyQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:48:13 GMT
AOSMMkXOBOD.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame A046
14 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/AOSMMkXOBOD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e30dc04b9a33bbc1591a93497cb143e52b2a69569e059c3790b7fb3aee39203
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H3/mKPbzKBSDmtRrgEEh/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4845
x-fb-debug
y20IdCkvPTtLuOxBVTgP6KDq07wuVwQTW9pyrgTTbVVk7mh7XIzzjMHVPqEglscr5Kmp0t3mPBG/dBdTjlbADg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:48:13 GMT
cfYLQiZlC_7.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame A046
70 KB
19 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/cfYLQiZlC_7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ddf14ecd9d977359f720d8e2328a99eb6b1ad2d2a310c49b0642c224504cde5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DEJJdLGUp8gapfNIjMw65A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19674
x-fb-debug
x/8yJcB2byv8LbxWi8GodBr+TPFa2CSZ/7G/y3P+KmYZO/wrjRZ8yPFOih5t8mECsWEkyQj6sux8Gn51RmKOYA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 11 Oct 2024 15:36:43 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-6/ Frame A046
16 KB
17 KB
Image
General
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=5f2048&_nc_ohc=jnk4NgOB5bkAX8aG1Ji&_nc_ht=scontent-nrt1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDli_Qx3obhDxuo17FMf2m5MzVUcXPgiPiAMlVoZnoQGQ&oe=65325485
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBA/LQA9R+k4Ev57U9GO/v/bFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/ Frame A046
1 KB
1 KB
Image
General
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=5f2048&_nc_ohc=f0vLANAcQi4AX_7wvtn&_nc_ht=scontent-nrt1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCV7cfi49MNqQCXqWHsQgwAqCYk-5K5vSTh7V733F9joA&oe=65311415
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBA3gxIgwqBpggNzoRQbPpgXFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
priority
u=3,i
collect
analytics.google.com/g/
0
249 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3ab0&_p=2012606512&_gaz=1&cid=2126258022.1697421520&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697421520&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FGKjnKp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=2126258022.1697421520&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c00::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=2126258022.1697421520&gtm=45je3ab0&aip=1&z=1997873477
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:58:40 GMT
ob.js
cdn-ima.33across.com/
14 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
547438
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
816cb2b63a7d80ae-NRT
expires
Thu, 19 Oct 2023 01:58:40 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 21:39:21 GMT
content-encoding
gzip
age
2348359
x-guploader-uploadid
ADPycdv7A7UlWyYoEyZZoWvQBDDrkDzEu0ZQbVaiQ0BdyzAm2l6Swj2UdrPvIsv9evCEWrLn9kVxK_gwlKfCpKa0zhMjdw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 17 Sep 2024 21:39:21 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
5427ed374862a71f5fa905cfa06259ea
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-16.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:32 GMT
content-encoding
gzip
via
1.1 b93822242d240fe957b16155421ce866.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
729
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
blkRhix9wTCL92HIsJqJLefpBcNmO95EPGHle6SK10SvXjlLFmr7dQ==
ads
securepubads.g.doubleclick.net/gampad/
202 KB
37 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1897298158091929&correlator=642185494921047&eid=31078805%2C44782498&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697421520339&lmt=1697389120&adxs=1445%2C2205%2C1445%2C1825%2C1445&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Freurl.cc%2FGKjnKp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=1024%2C1024%2C1024%2C1024%2C1024&ohw=0%2C0%2C0%2C0%2C0&ga_vid=2126258022.1697421520&ga_sid=1697421520&ga_hid=2012606512&ga_fc=true&dlt=1697421519955&idt=355&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20&is_cau=%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
262d80c85d47c5f5b86abcbd64ed0958a46670100006c41b98232411d6172be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37355
x-xss-protection
0
google-lineitem-id
-1,-2,-1,6297900949,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,138432357881,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1897298158091929&correlator=642185494921047&eid=31078805%2C44782498&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697421520348&lmt=1697389120&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Freurl.cc%2FGKjnKp&vis=1&psz=195x-1&msz=195x-1&fws=1536&ohw=0&ga_vid=2126258022.1697421520&ga_sid=1697421520&ga_hid=2012606512&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0dvTsbMxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjR29OxszFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y0dvTsbMxSABSAghkEhcKCHJ0YmhvdXNlGNHb07GzMUgAUgIIZBIUCgVvcGVueBjR29OxszFIAFICCGQ.&dlt=1697421519955&idt=355&cust_params=url%3D%252FGKjnKp%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4434a4db0eeb2d4853f8a33886154efe86f4450601756f3e1395624d1c304f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12224
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
65fc8088df6115f40a8cfaa155fde678.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B2F
6 KB
3 KB
Document
General
Full URL
https://65fc8088df6115f40a8cfaa155fde678.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:40 GMT
expires
Tue, 15 Oct 2024 01:58:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame A046
573 B
706 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/1,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/1,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
3iQadjKjZralFS3oJP1Xo1uo9P0IW7gqgJRhE6g4TIo5K7oASJtVEjIvos14VXiLeqQkp0wG6xyJ36Y5OnmXIA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 12 Oct 2024 20:39:50 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame A046
0
0

/
www.facebook.com/platform/plugin/page/logging/ Frame A046
873 B
775 B
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yK/l/zh_HK/vB89aqKLrm-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3982abb0f8088cfdb3a4186cbe10b23a5935cfb2156ad6a2d155cc087857c14f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
8T-RHn2UAit7meo0WzOw2j
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 01:58:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
r31hd+ESqHiPkMWkAqFZV+a9YQcvK2yM1W7PTGZ4qMMifvpCHEg+u41bSQcnkK8Fsft03nqSuJSJGzEqODuD0g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame A046
873 B
608 B
XHR
General
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yK/l/zh_HK/vB89aqKLrm-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fdf22533282692bbc0f9231f65e564823b8e1990339761783352259af382688
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
8T-RHn2UAit7meo0WzOw2j
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 01:58:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
jbAd/VGBU/unR6XzyXiPRop4DPljd05APH/NM4P5LBFV8Oi51dDGyCGH4DPHEtbSQoJt9w086Y36WPy/NgncIQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=2126258022.1697421520&jid=879135921&_u=IEBAAEAAAAAAACAAI~&z=16248494
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=2126258022.1697421520&jid=879135921&_u=IEBAAEAAAAAAACAAI~&z=16248494
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FGKjnKp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FGKjnKp&rid=esp&cc=1
85 B
202 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FGKjnKp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a74eb0e4e103230052baf384d40ba004d41f92ecc60731900a7d8f231a94c5f1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Ys8V/mF9E/mOCMYYYgRaSKbbleg"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FGKjnKp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
iybDl_dCDMK.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame A046
25 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/iybDl_dCDMK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db3d085615ba3b01c33e66c935f43835768d124ceb46483e6e1aa2b48c8b068e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZFrn8CVzHHgdlL/FRD+Qyg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7445
x-fb-debug
xHWBp1uzp1+MiwkG+mvfHTEwMuFcaNqvH8WOvEGV9Cu2IiOzOHW8GEDHZtO7vKneHOESxTlWuwopX9IFmCwULQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 12 Oct 2024 04:07:57 GMT
d-hjr2s8IsS.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame A046
340 KB
73 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/d-hjr2s8IsS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a092f5e7d15e7d132f3043c1d3693bd4f3eb609e4c4a2dcf36f72e86fda6bcd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5Bt067hL2UH6kGEhKAUbHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74959
x-fb-debug
3h9SWawPd7mwMJGooriZdtBb2b0MaGKr0uF+RER3x7KpaXXKyLhOnPIUqEvSD6E1rP4cXS4GBBgpfCZUFMMsZw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:48:13 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame A046
12 KB
12 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/-5Y6dYubcWv.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/-5Y6dYubcWv.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
x-fb-debug
QPr4hSLxy1QddSDpZXj6ABRiYUHAqkXPwQ0hBrZ9+9AEPsl4kKbdrAUOyXqnck1de7KxfstCo0yUSOWY3crs+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 02 Oct 2024 20:21:43 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame A046
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/1,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/1,cross/sd-5F3qQopr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-debug
lV809rsJo1SrAdooOoFtxssOZbnsWysNOJstb0UDo9W+7OG1RpezKQlLTMI/7r6D+34fwH13MeZeuk6lb1kzuw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 06 Oct 2024 17:51:00 GMT
map
bcp.crwdcntrl.net/6/
235 B
687 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-19.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e508422ef955779a859983a748833f131e41eca5f706ae23017e4bc1fdef40b2

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.6.84
access-control-allow-credentials
true
content-length
235
expires
0
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame A046
213 B
352 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
x-fb-debug
g7fGcFRlK6fEdLSkXWsVubdHm4BJS0ryKfjX4gQXw8lPboVRUAsGLi51RvwM9IIILqLXftzXJ4xo3zurQAj4Sg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 10 Oct 2024 00:39:00 GMT
/
www.facebook.com/login/ Frame A046
0
0

/
www.facebook.com/login/ Frame A046
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/CxzjCMQABR5.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 Oct 2023 01:58:40 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
eud7fReR796GMV6p2Q8MwpU1tNEDYbHplIph8E2wnWiB/pLW0iIhIm3+UxSlapeXPbIfRQxw4YzPc4gZ7V7Tgw==
x-frame-options
DENY
x-xss-protection
0
bz
www.facebook.com/ajax/ Frame A046
0
0

pd
google-bidout-d.openx.net/w/1.0/ Frame 50D2
484 B
732 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7bef007895ab6a56310a23547958ed94d00f4fa4342c51547cbf763b96a9a0d5

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
306
content-type
text/html
date
Mon, 16 Oct 2023 01:58:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame 0904
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 11:58:26 GMT
age
223214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 11:58:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0904
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 20:13:00 GMT
age
193540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 20:13:00 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0904
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 21:58:16 GMT
age
187224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 21:58:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0904
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 03:24:03 GMT
age
254077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 03:24:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 0904
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 04:42:20 GMT
age
249380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 04:42:20 GMT
css
fonts.googleapis.com/ Frame 0904
542 B
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E9%8A%80%E5%AF%BF%E3%81%AA%E3%83%88%E3%81%95%E9%85%8D%E3%82%8B%E5%AE%85%E5%8F%B8%E3%82%92%E3%82%B5%E8%A6%8B%E3%82%A4%E3%82%89%E3%81%AE
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d64629eb2aa76b0c8fb6316b36920860231576b7394658f4bdbe2f41dcaae06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:58:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 01:58:40 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0904
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:30 GMT
x-content-type-options
nosniff
server
cafe
age
730
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:46:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0904
344 B
714 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:37:54 GMT
x-content-type-options
nosniff
server
cafe
age
66046
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 07:37:54 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame 78C2
196 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 11:58:26 GMT
age
223214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 11:58:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 78C2
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 20:13:00 GMT
age
193540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 20:13:00 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 78C2
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 21:58:16 GMT
age
187224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 21:58:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 78C2
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 03:24:03 GMT
age
254077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 03:24:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 78C2
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 04:42:20 GMT
age
249380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 04:42:20 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 78C2
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:30 GMT
x-content-type-options
nosniff
server
cafe
age
730
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:46:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 78C2
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:37:54 GMT
x-content-type-options
nosniff
server
cafe
age
66046
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 07:37:54 GMT
truncated
/ Frame 78C2
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81fb5c57f048aa98742723ab3f9fc839d722873c784ca3a39f73ee1459cf2d25

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
8305597804859374120
tpc.googlesyndication.com/simgad/ Frame 78C2
48 KB
48 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8305597804859374120?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlHIpFvJ7XIMTmV6J770-wpTOZ9-Q
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec22f56b265b6fc06dcc37acafdd9fb34af80c5bfa8818747d5c0fa6d015a8ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:18:07 GMT
x-content-type-options
nosniff
age
232833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48812
x-xss-protection
0
last-modified
Fri, 11 Nov 2022 08:33:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Oct 2024 09:18:07 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/619289082519063160/ Frame 0904
57 KB
57 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/619289082519063160/6592766407814317453
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5b79852ed9407b5657fd04241c72bd1b8303defa7df5f31f31babcbb3ac7383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 03:07:18 GMT
x-content-type-options
nosniff
age
427882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58518
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 10:33:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Oct 2024 03:07:18 GMT
truncated
/ Frame 0904
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8f9c278cf4c2f019691840f0b9fa817ea1b5a7f325fa3e1f0753ce163b8f982

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2C0D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn0LDMjnO06QTf0bCC9ZyDm12kMJXLszCU2usrhYX1nVudTOPp6zEqmjqp7669Y5xfiXPRhKcFJ6W1d5aVtGCPUObwCUf0lj9YkEk7eeZqy5108uQEDDMYhEyIPhnOloXT_lCj_0NeVzqXKkprOrCyT_2lyW_Tp1gKH_XoZqU55iEnVASA2eVEK1XcQm-64RnZb7AlCbabcN4vVm7E5VNsiYLeo31wztFHkywyNgG3AohctzYvU9Wi62jaO2VNLlfs5YMZL0S9R15E_vzeFjDsl_BmAxJKz31GOzjMAiDRXudbUsGXCvNNKPStNs8fyU5TMTSssywroq82OY1bATv3EaXfQ--9NFImj9_RU6GYSdSWzWKOsXEKnkB99fYs&sai=AMfl-YTf9edVhvRLNBA_Ld7QITxEEKfCIlLQcW0ISdCiCXfdj0ocGf0biQ71lwruBu8OCCtNrsf72YDmRhNrRFP-Q4Q3IEaPCQ6Y7H7fBHqTYJSAdpYQoU5Hr_Awpf8yyhWLiJYrNysE3-gdbl74KrXR&sig=Cg0ArKJSzPFJ5JjSZYPmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 01:58:40 GMT
init.js
cdn.holmesmind.com/js/ Frame 2C0D
9 KB
9 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e15342517755abc1831a42d004f007ab0e00cb26bbbd6aa6c4193d89bb882

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
f8_4CwQTT_UnBXRtf02aiYVk9aB8D47H
date
Mon, 16 Oct 2023 01:58:26 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 03:42:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
15
x-amz-server-side-encryption
AES256
etag
"9d3aeb1c087722541820446aebcd8c24"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9235
x-amz-cf-id
6nZLnbiRTSODBYYru-kA0Lg-zSH6H_3Oatu9JOYG1F4l6W3bsB1MSA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2C0D
194 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c030412fdec3ace1c06a77bfcd3e234979447c7fb42526ed910405bd1712a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62142
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:40 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame 93CF
196 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 11:58:26 GMT
age
223214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 11:58:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 93CF
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 20:13:00 GMT
age
193540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 20:13:00 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 93CF
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 21:58:16 GMT
age
187224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 21:58:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 93CF
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 03:24:03 GMT
age
254077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 03:24:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 93CF
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Oct 2023 04:42:20 GMT
age
249380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 12 Oct 2024 04:42:20 GMT
css
fonts.googleapis.com/ Frame 93CF
818 B
458 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%9A%E3%82%BF%E3%81%A7IP%E6%97%A5R%E3%83%AC%E9%A1%8D%E5%AD%90%E5%BC%95%E3%81%8C%E7%A2%BA%E3%81%97%E9%9B%BBD%E5%85%88%E6%9C%88%E5%8C%96%E3%81%BE%20FO%E3%83%BC%E3%82%92%E5%8F%96%E9%96%8B%E3%81%A8%E6%AD%A3%E3%80%82%E5%AD%98%E3%81%8F%E9%87%91%E4%BF%9DA%E3%81%AB%E3%81%99%E5%B1%8A%E5%B9%B4C%E3%82%AA%E3%83%BB%E3%83%87%E3%81%A6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b296345a92fa1a9645a0b5316c0d54e49ee0df4695af3a6f124f41fc65ad5b8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:58:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 01:58:40 GMT
css
fonts.googleapis.com/ Frame 93CF
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 01:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 01:48:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 01:58:40 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 93CF
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:30 GMT
x-content-type-options
nosniff
server
cafe
age
730
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:46:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 93CF
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:37:54 GMT
x-content-type-options
nosniff
server
cafe
age
66046
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 07:37:54 GMT
sd
us-u.openx.net/w/1.0/ Frame 50D2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d9112e13-d4e9-4d5e-a1db-1cdf11a04a6d&ttd_puid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0&gdpr_consent=
43 B
248 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d9112e13-d4e9-4d5e-a1db-1cdf11a04a6d&ttd_puid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d9112e13-d4e9-4d5e-a1db-1cdf11a04a6d&ttd_puid=6f3d37c9-6b3b-7ef9-e27d-593529ab5187&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 01:58:40 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 50D2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyY0MCo5s4AAOI5uIoAAAAA
43 B
171 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyY0MCo5s4AAOI5uIoAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 16 Oct 2023 01:58:40 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.168","key":"ZSyY0MCo5s4AAOI5uIoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40183"}
X-SO-Key
ZSyY0MCo5s4AAOI5uIoAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40183
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyY0MCo5s4AAOI5uIoAAAAA
Cache-Control
private
X-SO-HostName
a-ad40183.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-IP
31.204.145.168
sd
jp-u.openx.net/w/1.0/ Frame 50D2
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbbpdZYw65Qoks8AD7P30QcI1s8AAAGLNjTwWg
43 B
106 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbbpdZYw65Qoks8AD7P30QcI1s8AAAGLNjTwWg
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
via
1.1 c48b5b0fd428fb86c275c538e5240570.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbbpdZYw65Qoks8AD7P30QcI1s8AAAGLNjTwWg
cache-control
no-cache
content-length
0
x-amz-cf-id
qjlJkrosK9iZTFndgGehhop4estb0fm_1z8rI9CHuzEQxgCy9p9ASg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 50D2
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDM1MmU0MDMtYTI0Yy0yMDVkLWY3OWQtMDM4Y2UzNDk5ZmU3
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 50D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcHojsvO4vd6Um3oU2rgUU&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcHojsvO4vd6Um3oU2rgUU&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMcHojsvO4vd6Um3oU2rgUU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 93CF
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1df47727fca5e2e5950e51431d2a06779319efb969ae91e58f2c36d88e7cdf6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D731
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1oSjpfaAYxbl-TAsCwz7TW9ZxI3XSXM4nVK8-x5yAZeW4EuHYhGBp52fREJTiMcMYXgHFl31-jtHxcx2-s6-dkFwgbVQkdxzmvtn21YDas7dL-HRmWkSOqwriwMZiWsv3FJl0tGnkJsrx_QsW06RrNBsuBnr73Dx7JlfUSATXj6qpGIsDsuV8KqtmadHfKxaA1p0MxXstmc5h7WXus0m3RYPCOZ7lwy1gG0kqGqlt4DsiLxbFYzA8Xmq0VSdQfcnWsTMvIBH7wzVhlDRVzJ4tQZAVQ4AaN09XUPhNqTkAImcRzbjRmC4-KcRumzzOMgCEtaD_quHm-tcS7jsEGL5C00CNxIHzykHzrQGSxKkbhnB1OytQcPR2Ao&sai=AMfl-YRH9r67tguWcVXYovDDTbimLHNiEZitfEdMR9GahCkdm9PgXtt7YsMHhWNV8ivM1O1O1SY_rflB7QydV57xixVCkf8uZpEWWN7XyAHQXV03oy39MFH6bIbiurE0ZqizxNgWm8UzdqfBLLmogqMZ&sig=Cg0ArKJSzBuEZnI7bh35EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7942.js
cnt.trvdp.com/js/1250/ Frame D731
535 B
889 B
Script
General
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-51.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 24 May 2023 19:58:04 GMT
via
1.1 fe3f6acea2258e1e1f2aed009a7bb06a.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P2
age
12463237
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
wzT_9DnIYcanOn4WdM65hVkHl2M3vf8okAOnFo2c2n0tZOD1tXPUlQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D731
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:41 GMT
font
fonts.gstatic.com/l/ Frame 0904
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxonMdbwZGu_91jOLBl7NTa0W0IFgjzCpiX4w9-YueP2GNWlIm7T5xntV9jm41Po&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E9%8A%80%E5%AF%BF%E3%81%AA%E3%83%88%E3%81%95%E9%85%8D%E3%82%8B%E5%AE%85%E5%8F%B8%E3%82%92%E3%82%B5%E8%A6%8B%E3%82%A4%E3%82%89%E3%81%AE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57368ece41381a5a935f619891b662820b734a91a4fa4c1d0c05e946f143c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 03:06:30 GMT
x-content-type-options
nosniff
age
82331
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8572
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Sun, 15 Oct 2023 03:06:30 GMT
font
fonts.gstatic.com/l/ Frame 93CF
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqZ03ckxK5TXZYwnXhyVFe-MyMW7V3nykTMsL-Ry4_PZZihXiLtlVznGL7qrTrp_XBC56gpBR4zBVJFiMMQ5aahdZAhl7h5_jrM0XlkxPR-wg7Nmf4JhY8E4p5pTSZTCcF_mt1y-bj3NXsviG9MejFJkdUshq15OtPwl9NSbrmMfN4PmZZBlndIIUkiNjCKoWZYp91igQ&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%9A%E3%82%BF%E3%81%A7IP%E6%97%A5R%E3%83%AC%E9%A1%8D%E5%AD%90%E5%BC%95%E3%81%8C%E7%A2%BA%E3%81%97%E9%9B%BBD%E5%85%88%E6%9C%88%E5%8C%96%E3%81%BE%20FO%E3%83%BC%E3%82%92%E5%8F%96%E9%96%8B%E3%81%A8%E6%AD%A3%E3%80%82%E5%AD%98%E3%81%8F%E9%87%91%E4%BF%9DA%E3%81%AB%E3%81%99%E5%B1%8A%E5%B9%B4C%E3%82%AA%E3%83%BB%E3%83%87%E3%81%A6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83207098d0bd47295ade8b9fcd0c0d2cb3196101d0051e83571da772dc7f1a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 21:02:48 GMT
x-content-type-options
nosniff
age
17753
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20644
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 16 Oct 2023 21:02:48 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 93CF
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:49:22 GMT
x-content-type-options
nosniff
age
263359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 00:49:22 GMT
syncframe
gum.criteo.com/ Frame E1D5
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:40 GMT
server
Kestrel
server-processing-duration-in-ticks
221707
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
capmapping.htm
cdn.holmesmind.com/js/ Frame 3C55
9 KB
9 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca8708ceeec43763993d2daff2d9d2ab337e64fcbba5031b6f626e609e2db08f

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
25
content-length
8961
content-type
text/html
date
Mon, 16 Oct 2023 01:58:17 GMT
etag
"56c880695a57094a5870b3120df2ca74"
last-modified
Mon, 02 Oct 2023 00:31:32 GMT
server
AmazonS3
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
x-amz-cf-id
D03Ive5Y_ia3RD50YrPYsT6rBynIjy2qE_B3IlRbbXM6u3z_NLl2Og==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
eW6cWzcOOb6T61HVOGfEzVZoubEHsljb
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 29FF
8 KB
8 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Mon, 16 Oct 2023 01:58:20 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
22
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
0wi28OPwGl6BXqZz12lPY66WKZQXn6jLwW6t3uWhHXtCtrDUWbSV8A==
7942.js
go.trvdp.com/init/
6 KB
6 KB
Script
General
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-40.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 16:21:32 GMT
via
1.1 06dea94a9acccc89bf073f5b6e5408ea.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
14722630
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
pcSSD6l4aBdMBrBhDKQF_uT0wi7h8GWsGgTE2_5HRH1xhzS-IA1ePw==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 78C2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Mon, 16 Oct 2023 01:58:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 93CF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Mon, 16 Oct 2023 01:58:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
cm.lndata.com/ Frame 3C55
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 16 Oct 2023 01:58:41 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame D6C0
0
218 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.220.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-220-218.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 01:58:41 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 9FCC
39 B
191 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 01:58:41 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 3C55
409 B
632 B
Script
General
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.74.9.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-9-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 01:58:41 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 3C55
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 16 Oct 2023 02:08:41 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 3C55
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.220.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-220-218.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 3C55
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
508 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
truncated
/ Frame 2C0D
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
264c9963c3c555a44aa2d03fc3f6b54d18972b7a33ee35dd713a98d3aa42a6b7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D731
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec41fbef4bfd26838cdb6507acfb25439b7ee631dfa0753e7384521d004d37ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D731
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp2bsSLIgQBvaPA8H9tCK3Ob3jywLJ19Ae_4B8_5cVYCr_qRr9qD3JgcdWAAuojZGvWvhy_MdKlKGPIlI6RiFurBCpWFTzBm05asR0JTu9Mtk6OfeWzP2sBboGaYfS9O6H7Iskdh1t21Gyx3x61lYA7hPH33Nl0Lf699gKPLBJa836RksWtVQ_7yM1g2G1KaM0nq8T_75GmHiZHJu25uuGpda-uovP9l8oQQTQCI_BaouSq4z40ZJFl0tP-0Eq6Yy4DtKtVu_8mgwp69Du7zT6lI1uTk904q6HJtLflxxsBnSqjKharVYtUakqqjQD__8H7dHf8_JNwHiPxDwobWznrnTod_EgsliU5g7kzkLKVlqeYROPqNY_FO6D1w&sai=AMfl-YQ3eKaa4Z-klivERVwSOxjiu95dKCd6aMlYcNQDcmKAxq84FWe7aC_qhZvbej-J7W91Q7jgYv8WUai_d_sedmHD46PIFXNP8vQMOsYIjImAr3Gvw9X9dcgzUNinMUra6q6X_ZwFE_EHsktYIUlJ&sig=Cg0ArKJSzPuaG_el21FoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 01:58:41 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0904
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:30 GMT
x-content-type-options
nosniff
server
cafe
age
731
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:46:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0904
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:37:54 GMT
x-content-type-options
nosniff
server
cafe
age
66047
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 07:37:54 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 78C2
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:30 GMT
x-content-type-options
nosniff
server
cafe
age
731
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:46:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 78C2
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:37:54 GMT
x-content-type-options
nosniff
server
cafe
age
66047
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 07:37:54 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 93CF
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:46:30 GMT
x-content-type-options
nosniff
server
cafe
age
731
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 17 Oct 2023 01:46:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 93CF
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:37:54 GMT
x-content-type-options
nosniff
server
cafe
age
66047
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 07:37:54 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 29FF
1 KB
640 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p.php
stg.truvidplayer.com/
3 KB
2 KB
XHR
General
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=5911.248853627587&pid=5434&url=https%3A%2F%2Freurl.cc%2FGKjnKp
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-4.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
1d4b759e9aab66b450652af60633631b5878744b51ca08c68794dc00798cbb53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
via
1.1 1a32d5b63476b853ffc0505ea6996c7a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
xwRLBwmBUVplCJU4HnVqNozf-sXlSwty8n5kHQilOPcm7BjJkh2aAg==
fbevents.js
connect.facebook.net/en_US/ Frame 3C55
198 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Oct 2023 01:58:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
FZqujllOh02/8qhf8sYTzqdKn+oTh8tu8RXjPMBZnREX3n25etLlhjWURIxLolPQLhWReNdhVkiTzgHVvyy5uw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0904
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKnrf0JgsZebTGf2Jid4Pj_uDiA_7lNzHc7aiv8XfEY-i-tbFIhABINLMgRpgifPFhPQToAHdvYLoA8gBCakCMXnxmya3PD7gAgCoAwHIAwqqBIoCT9Ar_EdKEnii-L1UK-o0ol41lu2QVdOOL8OB-i0Ed9mAtBC1pVU4VQHeLgt7RehqEikBRH6K6Nf0MbdMoITS_Q7I1-x2k32zNh98fErw9PrscwTUb2h06h70jucq35e0CZ6yeddxcqRbRYljVpmib4xz5Lhdfp-cs8y2bwvfonpb6AATFbkpVLSl8aSHgOCy47NbNIj19YBRH8GzL4JSyVQ8Hi2ja39SoitAFjhYD4OL4YKyuTxNf2LGBolm3rDbW9M77nmewiNdJvpyMvW2PcIQvfOkOCdWiZnirz6YYTs6aTHBlj6ieVBS4mk0P-LUnyFU2tjQ9O5CCxoX6d9GkqucEVsStc2tJTLABKTKlca-BOAEAYgFtLrc4EygBi6AB4vC_ReoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD6oA3SCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJMGh0dHBzOi8vd3d3LmdpbnNhcmEuanAvY2FtcGFpZ24vMjAyMzEwX3Rva2FpZmVzL4AKA8gLAdoMEQoLENCKvaWFoonPvwESAgED4g0TCO-rh_a7-YEDFf1EwgUdj_0A8bgT5APYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=dRw2E8BPGao&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNCq3ou-408pPB39juv4pwEeWeUsRgdPw7yhMuI-hiO433N-FBCRmwIFp40Lx3imMTc3hEev9iGFYjFGwzTw8hfiyky1oxRE0YAQ&template_id=484&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 78C2
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIHHt0JgsZejTGf2Jid4Pj_uDiA-Qx7S-c7S32baCEWQQASDSzIEaYInzxYT0E6ABz8fnxwPIAQKpAjF58Zsmtzw-4AIAqAMByAMIqgSTAk_QGabzzAQaFcDXYuyI3clBdPSBdQ5XvgVSVorgYEoh84nkJ5ttUv-GgR2YoBW3ufqYCsKZaisxqO0tUm1Ft3Zt5H6hOkGdvgo7l89RDbnk9CJU9V4ge3I76wgHT3VeuOMpT6CSJN2r8NEu8qvuusCJkWq3Uk3ayl-uAWx4KQZUGrvRp0d99V1tjSbtW5qEdCsXA0Nm_I8UDpMSNCQw1U05icBKIqAgm75srM7blVwBNS0QftGJRWNRdSzfr2mRYmxc6DQM6qWnygo-_bNdE2OskRlkhY45rT6qZsTQK8oSord10-nzmhQe5U-rVEdPIl8roUFCaE5CmXyvDB5NBCM4UhgkD_FpbM5hfVyoqVzRinCRwASN7ojrmgTgBAGIBenHuoFIkgUECAQYAZIFBAgFGASgBgKAB5m4mDioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCJiQvSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJjgFodHRwczovL3JlcG9ydGluZy5ic2Eub3JnL3IvcmVwb3J0L2FkZC5hc3B4P2xuPWphLWpwJnNyYz1KUCZ1dG1fc291cmNlPUdETl9DQVQwOF9PVyZ1dG1fbWVkaXVtPWJhbm5lciZ1dG1fY29udGVudD1DQVQwOF9PVyZ1dG1fY2FtcGFpZ249RFNLX1BDgAoDyAsB2gwRCgsQ4Mqv7YfokJjuARICAQPiDRMI8auH9rv5gQMV_UTCBR2P_QDx2BMN0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=K1GcVKKrg1s&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNCq3ou-408pPB39juv4pwEeWeUsRgdPw7yhMuI-hiO433N-FBCRmwIFp40Lx3imMTc3hEev9iGFYjFGwzTw8hfiyky1oxRE0YAQ&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 93CF
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUuQV0JgsZerTGf2Jid4Pj_uDiA_C_JG-cfLa5teMDrCQHxABINLMgRpgifPFhPQToAGVxK3nAsgBAakCMXnxmya3PD7gAgCoAwHIAwqqBJECT9AJ-I2MEegDZLl3fvpa-c10fKgKe2LMjInfJc7nLCuQxSaomcMfJGZ3rSd-NZWsdCjlgozWijKuRcWfsRoPnNtS8PRxs4ko_hxcpfncjCEjAxQlnHrbzQWcBvz9AlUHrHbvW1qkguL_MUwaTLyPOW_tpunSQjjLibr7TCif59ouPCP-cXuLCkA7ssnQDV7zgjaRV3fbzMkKUaGWQRW4Cl1q75_mKu1VKsqBJuUvkPeTbAWj92Koq9mtZPrpJDAHiW2r6H42QtsRR4oceFfvaNQzLv2-agoeZQJz0rSIhx9jWx1gbhJfih60KUAJN5_MWuC7njyAz3J88BScBK664957kPqRvsDumVHPPTIBBMRiwATpqMml1wPgBAGIBcvL_fI3kgUECAQYAZIFBAgFGASAB9O70pgBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQy-cD0ggUCIBhEAEYHTICigI6AoBASL39wTqaCRlodHRwczovL2ludm94LmpwL3N0b3JhZ2UvgAoDyAsB2gwQCgoQ8MrZ_orCyecXEgIBA-INEwjzq4f2u_mBAxX9RMIFHY_9APHYEwuIFA3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=g23b8I5bh_E&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNCq3ou-408pPB39juv4pwEeWeUsRgdPw7yhMuI-hiO433N-FBCRmwIFp40Lx3imMTc3hEev9iGFYjFGwzTw8hfiyky1oxRE0YAQ&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

ads.js
ad.holmesmind.com/adserver/ Frame 29FF
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=873&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b46c6a3bd4a3aec83ccd7b2d76c10bce24d5c4ffff1ebcb3e57b1fde96299f72

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 29FF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
ghWdsHOmTgYexFFktqRVa-_e9ppoHwEbOSgbjVb9ix3giMRpmL8ttQ==
publishertag.js
static.criteo.net/js/ld/ Frame 29FF
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:58:41 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 29FF
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
22
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
NsgS0AN66MNWyhqY_L0AYlh7OWxlwJoIoC7WHvWg24QNwQAQ2HsxnQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 29FF
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
E4210wZW8OJV4ejHu3XLCafNORqhnqjZ_kUEfMZkMkUWwMvzZCp_og==
appierV2.js
cdn.holmesmind.com/js/ Frame 29FF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Mon, 16 Oct 2023 01:58:13 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
29
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
URRRdq4XS5u2-WsOWiUyxf-91HwS-fj-Ryr_aQSLXqoRK-5s7a31cw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 29FF
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
vsMrOoYN8Bn7LYNRdbL5tZ4NzfTVZgT1mrn366zUa0rMMtwhFZhROg==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 29FF
0
171 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:41 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 29FF
0
168 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.044010985215399145
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 16 Oct 2023 01:58:41 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame 29FF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=NyvkTBtoCo2wVlg-0ZgsZQ
2 B
168 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=NyvkTBtoCo2wVlg-0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 16 Oct 2023 01:58:41 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=NyvkTBtoCo2wVlg-0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 29FF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
2 B
139 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 16 Oct 2023 01:58:41 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame 29FF
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=873&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
46
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
DxcT7TsC0PJCw8keKG3W29MFC1QAWAhI4eYI2lrlQy4LICoQOaMd2g==
/
t.ssp.hinet.net/ Frame 3C55
37 B
408 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9e751282415f21a073991ab5a478f06c0cb076bcdcb236ab28688d5a93192fef
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame E1D5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=o-nYx3xFVnp5RnB1ZlAzMm1QZWRzeUJnU0JkRUFKZTVueGdER1VtZm5SQWhaYmdidTZuYmd2ZThmakF4MWQyVXhienR6UHQ3TFBEZkN1VHJiWUFadzMxN2xlNWdBTTAzdnFaMTdjQWQ4M0N6bDNkV3YxWXpQdk5LelkvdG...
425 B
671 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=o-nYx3xFVnp5RnB1ZlAzMm1QZWRzeUJnU0JkRUFKZTVueGdER1VtZm5SQWhaYmdidTZuYmd2ZThmakF4MWQyVXhienR6UHQ3TFBEZkN1VHJiWUFadzMxN2xlNWdBTTAzdnFaMTdjQWQ4M0N6bDNkV3YxWXpQdk5LelkvdGVXU0lMTXBwbWYydEtoN2ozQWgwc2d6WE9LbTV6eldtbjlTYVdLVlRPMktaTHNhbW5rKy9pOGt0czMydEhIUHBHQVMyV1hwZG5jbi9EcUYwZ2MzSnhkd3RoY3dnRWIwaVZGajFPbngyZThUdURhMDhOMUdUQ2lCQWtNL0h0VENZQ0o2TUpXckdnbHgwSmFVK3JoeHV5NHAwYVRNNVM3dz09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2989dd9ae0c1ee3a8ad8da43a7df3c299f56abc56656343e5a3528e6dd8935c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1173811
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=o-nYx3xFVnp5RnB1ZlAzMm1QZWRzeUJnU0JkRUFKZTVueGdER1VtZm5SQWhaYmdidTZuYmd2ZThmakF4MWQyVXhienR6UHQ3TFBEZkN1VHJiWUFadzMxN2xlNWdBTTAzdnFaMTdjQWQ4M0N6bDNkV3YxWXpQdk5LelkvdGVXU0lMTXBwbWYydEtoN2ozQWgwc2d6WE9LbTV6eldtbjlTYVdLVlRPMktaTHNhbW5rKy9pOGt0czMydEhIUHBHQVMyV1hwZG5jbi9EcUYwZ2MzSnhkd3RoY3dnRWIwaVZGajFPbngyZThUdURhMDhOMUdUQ2lCQWtNL0h0VENZQ0o2TUpXckdnbHgwSmFVK3JoeHV5NHAwYVRNNVM3dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266792
content-length
0
expires
0
utag.js
t.ssp.hinet.net/ Frame 29FF
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 16 Oct 2023 02:08:41 GMT
/
t.ssp.hinet.net/ Frame 29FF
36 B
400 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
f0d1839883afac63bb452dc7a99e04a84fe3c6835e0e1d36d81fc99f81be1284
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 29FF
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&cb=98504067508
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
emome2
t.ssp.hinet.net/ Frame 29FF
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=f4205129-c487-44e0-a1f0-3fe221eaf58a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 2C0D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYM-VVoSDJa68FvLmpLBcGryMdd_N2r_D1F8LZ66plSFjQRZcwuz0Z6Q-baiCnJSvUB8oTI_5xeBSeC9MebfR7HsGCV9vsNE_24V1IrvYiPWy3qzNZ5Fh3-Rv7ef-pVuUwypHJRQegrQbYq2PC1KpCsoKwcXu7Itzg4QRDKXQ1YXsl0GxXJCgyf4JdqFQ8Iq9_oVV0uK4UBZ5T1-0qVxFIwZC8riZYHX0lR3kgUJLqJEw7PVBTjGi8CAamroVPPWdAtH_QJJj4Ya0j9Xn0w2_Ot4jLBtsSd99bdxPVajB8PK-CxZsEN1nzPJavlpmHoU56NDftHvacS7Ow-CvVQrqyaI2fUDbn9sUv4SUsu8z2jBbLn6bQVUMydGk3xKU1p7w&sai=AMfl-YR90_hrWG6D0cohk62i4lpAxh0ndCWBQYjTy5YqdIAVKyE-3AKY3gyfMETZFc9NbH64vCVTdVTX-dv5z0_cgYSux4Bau0lfvKtFIVM0SO_CeNHo66f2YjY-omb9DZHEdC-cVYX95w7zTBsZg4hc&sig=Cg0ArKJSzGVdsFJkSnCGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 01:58:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3d2e67700945bed2a44fe0218ccd760c82122f8bc75a2a1a5b4d6a59054f446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12178
x-xss-protection
0
float.js
s.trvdp.com/scripts/v5.827/
469 KB
139 KB
Script
General
Full URL
https://s.trvdp.com/scripts/v5.827/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-22.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:48:22 GMT
content-encoding
gzip
via
1.1 93689531d487d213dcafb22a50d9b530.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 12:00:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P1
age
2387420
etag
W/"6d4b82c5e77085c209494ce7e5eca2fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JWL621MdkMY5hb-E9u_YU0eFCCGR8EWnKrEd43CMDRQlhFTuYbomiw==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 01:58:41 GMT
cors
rt.ad-score.com/score/
52 B
595 B
XHR
General
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.827&cb=0.7967736087149142
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 01:58:42 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B553
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:25:56 GMT
expires
Tue, 15 Oct 2024 01:25:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3F11
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8eaf5e2e04164421506382f0ac1944bf25bf37b3dae11abe2b76efc1c01ea3fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WtN3KCOdsECepR30zhnKYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WtN3KCOdsECepR30zhnKYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:41 GMT
expires
Mon, 16 Oct 2023 01:58:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame 7CE8
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:41 GMT
server
Kestrel
server-processing-duration-in-ticks
680536
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame B553
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 23:45:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 23:45:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F11
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310110101&jk=1897298158091929&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EAA1
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e938fcb2f5bf31d2401d0bb299ed640bd51ba5cd1606b9ff6160067b3888b14b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29414
x-xss-protection
0
server
cafe
etag
357 / 19646 / 31078805 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:42 GMT
generate_204
tpc.googlesyndication.com/ Frame B553
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?5LwCnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sid
mug.criteo.com/ Frame 7CE8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=UBwmPF9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJR1dOOHY5ZzBnaWVCZlk1akRhaVB0Y0JhYTRZeFV5Sm1FdD...
  • https://mug.criteo.com/sid?cpp=10HTBXxJcDliQ04wdzkwZ1hjSzZvdElwM1A0S3c4MjdNUHdtL2twc3RPNnRnUWY1YytieS81eUFLVWRmV3pZdmRQbyt6VEYveFZYdzJPRUlTZUE1ZEtvMm9YOVpDbERra2hFVzhFSGxFeEkvL3JFZkZ2U2NaL2ZUQzduN1...
435 B
656 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=10HTBXxJcDliQ04wdzkwZ1hjSzZvdElwM1A0S3c4MjdNUHdtL2twc3RPNnRnUWY1YytieS81eUFLVWRmV3pZdmRQbyt6VEYveFZYdzJPRUlTZUE1ZEtvMm9YOVpDbERra2hFVzhFSGxFeEkvL3JFZkZ2U2NaL2ZUQzduN1BFUFhWL0I4Y2UybWlMb04yUVkrdk1LOVBzeWdXM1VsaFZGb3QranVzQVoxTGVnWFVZQnlxN1lzUmdvNzRQNmN2THRRSkNOYWhVMDcxZksydVpudHBsZ28wL0p0SkxDR3E4WTM1VjZiQzk1T29lUnRLS3VEWlYzRWVNZEZSa2IwOXcyL2c2ZzVvOGdNUGx2bkE5ZDlwcmVGM2ZUWXpTZz09fA&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2575e2980d8d73040d5f0e42b0af4e6f3a1f380292cf8054ea5262d8b3bc869e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
881423
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=10HTBXxJcDliQ04wdzkwZ1hjSzZvdElwM1A0S3c4MjdNUHdtL2twc3RPNnRnUWY1YytieS81eUFLVWRmV3pZdmRQbyt6VEYveFZYdzJPRUlTZUE1ZEtvMm9YOVpDbERra2hFVzhFSGxFeEkvL3JFZkZ2U2NaL2ZUQzduN1BFUFhWL0I4Y2UybWlMb04yUVkrdk1LOVBzeWdXM1VsaFZGb3QranVzQVoxTGVnWFVZQnlxN1lzUmdvNzRQNmN2THRRSkNOYWhVMDcxZksydVpudHBsZ28wL0p0SkxDR3E4WTM1VjZiQzk1T29lUnRLS3VEWlYzRWVNZEZSa2IwOXcyL2c2ZzVvOGdNUGx2bkE5ZDlwcmVGM2ZUWXpTZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
257584
content-length
0
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ Frame EAA1
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 15:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
37317
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134786
x-xss-protection
0
server
cafe
etag
13749274744457858240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 15:36:45 GMT
events
bidder.criteo.com/csm/ Frame 29FF
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:41 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 29FF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:42 GMT
pixel.gif
static.criteo.net/images/ Frame 29FF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:42 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EAA1
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1760137629804170&correlator=2837110850414642&eid=31078805%2C21065725&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3De0d330846be019b1%3AT%3D1697421520%3ART%3D1697421520%3AS%3DALNI_Mb7bkjBH1s5_niiXx6-uZUkwIutTQ&gpic=UID%3D00000c6338a2f94a%3AT%3D1697421520%3ART%3D1697421520%3AS%3DALNI_MZzKsZJ2eeyscVjIIy7yHVFUu_KtQ&abxe=1&dt=1697421522082&lmt=1697389122&adxs=1850&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=eaqo9i2qit1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Freurl.cc%2FGKjnKp&ref=https%3A%2F%2Freurl.cc%2FGKjnKp&top=https%3A%2F%2Freurl.cc%2FGKjnKp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2126258022.1697421520&ga_sid=1697421522&ga_hid=528922917&ga_fc=true&dlt=1697421521933&idt=141&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9efc23982881716d29806a21bb57339e8477dc820a631c3c68d5837d177cf74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12260
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EAA1
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b14cf5bc30a2a2216daf05987eabe58172a0a66ea88a05badab2dde8ccccf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12115
x-xss-protection
0
container.html
744cdf5eb2e58548a5a3841447c3e2b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9B3
6 KB
3 KB
Document
General
Full URL
https://744cdf5eb2e58548a5a3841447c3e2b5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:42 GMT
expires
Tue, 15 Oct 2024 01:58:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EAA1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 01:58:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D731
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssz_34Ss7qCm4aCF5cBnxdt2Bzgistp_tUx6SW9I0Bn54hFxU1mCljSsT5Mqet94XzeOhPEQL4GVuWL86wS2DGh4031-xKh8dN6n4kgXVlq7K4qf8cmeqM_h4mqcc-W&sig=Cg0ArKJSzPCLsXgev974EAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697421520968&rpt=194&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E23
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:25:56 GMT
expires
Tue, 15 Oct 2024 01:25:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C9AA
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
485e423e0bcaf8d5944f51d2628bfe4aae283711a48e77da090bba70a7339637
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1aDo8T4G0bi851V7-fx0HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1aDo8T4G0bi851V7-fx0HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:42 GMT
expires
Mon, 16 Oct 2023 01:58:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 7E23
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 23:45:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 23:45:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C9AA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310110101&jk=1760137629804170&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 7E23
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?3NnrDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame F07F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvOV1Z_0hDDYbA0X8949rDt-gCtpk301ZmZ6KIqI9ANqqiLQoJCLLEE8tVfIP49FLiNDexT0trmxjxgkCwY4txJIUt6WTgyDaNs3scWw9M4kmPYT1ayfrMn3abjXCQi3kJegSMYOOXqlxdC4U3EARWN6a-f3kUhR7p6OWWbj_xNJwcp-jAWbuBnBhTMG9dBu4SuC5KYT906vWo54Qguyxx3SlKY1fHpHVcYUrMJW8N8BV59AJ7IDn9Rwrv6A5wepv71A5aN8jPrtSF3UnE6E_FnwATFhFHS_VmsoTKroxALt6-DXFoeosmPgNKh8GlCM4JsDwgnDL1OCIGqyX8ZWwr_V9k-3blNjdPRQrfygluV5WzTXDDiRkMIG61zg9YiC7EjJvm31c&sai=AMfl-YTz-ta9S3yPtaHtYHEeLmaAY5Zt4aTn5RUVlw9Pk3M0XnaOssuGGxdO0dRiJGh_KTKyw0_mQjnLODGafI54KI_qajN6cUxZtA-CxWT2Pfyw9aJ4czjFKu5r46uta3o&sig=Cg0ArKJSzFoG07PRL-mdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame F07F
9 KB
9 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e15342517755abc1831a42d004f007ab0e00cb26bbbd6aa6c4193d89bb882

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
f8_4CwQTT_UnBXRtf02aiYVk9aB8D47H
date
Mon, 16 Oct 2023 01:58:26 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 03:42:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
17
x-amz-server-side-encryption
AES256
etag
"9d3aeb1c087722541820446aebcd8c24"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9235
x-amz-cf-id
yqGD4bQHeZGxJPyTtyXiioTDsVn3E7t39aolDqLSRnBER-BE3bz2bw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F07F
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:42 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 78A1
9 KB
9 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca8708ceeec43763993d2daff2d9d2ab337e64fcbba5031b6f626e609e2db08f

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
26
content-length
8961
content-type
text/html
date
Mon, 16 Oct 2023 01:58:17 GMT
etag
"56c880695a57094a5870b3120df2ca74"
last-modified
Mon, 02 Oct 2023 00:31:32 GMT
server
AmazonS3
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
x-amz-cf-id
5E5yCWy4ILlpRjui-fD0xztbeR-LD6xYdl0qyKKNfqUSlGgMYJ9BkQ==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
eW6cWzcOOb6T61HVOGfEzVZoubEHsljb
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame AF0F
8 KB
8 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Mon, 16 Oct 2023 01:58:20 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
23
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
FXKdh8uPCUQtEA3xAPs9GT-6NXkxVF53_udqv0elXotyoTqYZJFFhg==
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310110101&jk=1897298158091929&bg=!KCulK2TNAAbFpEfJ5aQ7ADQBe5WfOFsabfQwz5bILCIrfpE5C1-fJE98waeq8YowzCl1b6EareElayfxSid5cTe6II5HAgAAAE5SAAAAB2gBBwoAsH-iFQrpMNCHe4iTbQDMQQspY-CNh2fzjDyoTJ5vmPoYASmbdypTvGMINBeJoXZpIilnbYXe4HwejaLSWsK44cdrOXOI8cwRhEWKkdEFBDMUPvnePp3Q-xb9AsgnNYDp8KfVNG5mIMinxQDv1J-AfXLUFOsMIQhboM5khiOB4APrdKFMmiSVj15dMCWe06CHQ7TvcMHYWwg-VWQeLuJAZGLNQwupxDiOpiLXEl1TsUCgmQLQrd7w5z2OVz1Tfi6q3qZKd6pNqKUjiT-c-DEvOXjWrv7gAIhRxal-la_K-ZFY-NoiPMSF09AQlMAf3ggPpwXcP_frv3UXPOa_ykYVKhZWaJrqfpyW2-CQvXe27e7cVwDam2xyJof1us-r7FkJkJzJOZPif8Pfo-bBXOaIKhuM6U0RDyuLd40XHhBohl3Gv2yJIT3li__tntEPdZ3J7E69sdRhqaY0snvuBdwM_6sTw2rP9cChZkW9qrce4Njmn_5VPjogMWmYgo5Dh5iy-Q3lOe5OE2M2rRU0XNBYcAPnMMzveC7yg8ZyqQ8MXTyI_906J2JwdNNdx8ZAliNLXtMx7Cx3kiJ3LgMMHKc18YkAtRsTjC3OCaL3ff93bFe2tDBul6H_q7k6hpFu8UzJ7MGR6KLAlzwv81DFO2dc5jxrf4uOILKt_bNMf3-pOJSWXB2Fy4yM79vAh5Op3RxyfMA5FyDp89TO--O2Ckv4U2fIA2r5F2Cd4yLbci2ely4gxMsysjMZ3j1VOWaGltZdV-74jfL6s5bgd8qfjh_oCJaJBo_wxRyNg4bJPunmmZkEQY6xlQT6tdJZ5Dh5Bub44j9J5i0ORuSPsFG7F31Rfc5_UiyDFhVrc_YGPGzBrRoCnDnIND17YYLLamEmaBaOcS2clQOnP5tYBsFF8joLA6uvoJC3KbtOF0II2b-OHJ-_5Zj2hOyzrMsE-76zjh_RpoMF9hA0zGB6KWQOKx4YQk_0S-e30CJpiGyDC5OWb70-zXZQswXz0BULkM-WX2WmsSakppGps6tovH9b0yiAAzr_CoqH9zdRQ3B647gmBefpP_IOScG3Z-la_WCBFCUH_jQMRP1ZxBa2ZMMSFmmKxBt2ysF1mVKyBbu5D-V8MK79AwVDrKwH8mLBbreIg8XQPvrRXxY5RzPQLrtl8jmRQEAtU5qp2Q5XNphvAvbBf9lwBmc0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

/
cm.lndata.com/ Frame 78A1
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 16 Oct 2023 01:58:42 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 78A1
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.220.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-220-218.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 78A1
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 78A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
0
480 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
x-guploader-uploadid
ADPycdsxGHuiDD9OE7WE9q7NOuXkMr7Z1ipJ2smETqmu-vJQyZUpUGe8fGYxcO-ssUVy4Fe6ZZDirnPV3g6pnE6YGeB-gI-ks59Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Mon, 16 Oct 2023 02:58:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame AF0F
1 KB
639 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ads.js
ad.holmesmind.com/adserver/ Frame AF0F
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=585&o=1&fc=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1bfc58d97f61b305c0858386835e252ce39fc258aed116989db7f1ae124d1c6e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame AF0F
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
ZvkWs_KlsuhW0tFtiJlXXhFaSPSbCKyvr7YkEsuq6wrn6khjs4VRLA==
publishertag.js
static.criteo.net/js/ld/ Frame AF0F
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:58:42 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame AF0F
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
23
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
flBtfHLqSXb-J065TNlSqyTZg6hdqtt6KaoGHMi_K0-4uz7ES6RDCQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame AF0F
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
xXUJywj2NNdf0xytHx2EE0qBWiWB5K-k1vIBuj5dQ2pNaIYEnMX0mQ==
appierV2.js
cdn.holmesmind.com/js/ Frame AF0F
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Mon, 16 Oct 2023 01:58:13 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
30
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
B6-y7o_OzInvq532UHflAyQ85y6YaOTPlxnPM2tDkea4kH9_PmQM0g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame AF0F
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
abV2Tk7vFdyhcc5JBzfjgjr3Le4oncPu5E_UTBBjNen_gKZtf72ypA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame AF0F
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:42 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame AF0F
0
168 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7363240363398418
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 16 Oct 2023 01:58:42 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame AF0F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 16 Oct 2023 01:58:42 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
truncated
/ Frame F07F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6ad86600c42dc4ecd4e28850c29d734269486f857fa584f586985be45e14f65

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
drawV2.js
cdn.holmesmind.com/js/ Frame AF0F
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=585&o=1&fc=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
jAKmGUXNjmR3UiE5Tbl52I5EBiXYo_-UulNJq8bBRePlKbmhm0VURA==
prtct.php
stg.truvidplayer.com/v5.827/ Frame FC35
0
328 B
Document
General
Full URL
https://stg.truvidplayer.com/v5.827/prtct.php?val=f&geo=JP&timestamp=1697421523&level=0
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-4.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 01:58:42 GMT
server
nginx
via
1.1 1a32d5b63476b853ffc0505ea6996c7a.cloudfront.net (CloudFront)
x-amz-cf-id
FL7FxMl6TYxRNuKrHAftysv90R7QJP4RSDnaa8vWfKpCJra90UwMdw==
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
utag.js
t.ssp.hinet.net/ Frame AF0F
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 16 Oct 2023 02:08:42 GMT
syncframe
gum.criteo.com/ Frame 3E05
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:42 GMT
server
Kestrel
server-processing-duration-in-ticks
829848
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame AF0F
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=d7kQ4F9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJJTJCM2hielpGNVptTThjMnE4U2VDOEEycDJPck9nNFpCeHMxSWtZcmIwWnFKREs2em1tSEMwM3pHOCUyRmRyS0VDRmtueU1uciUyRkUlMkZhUmIlMkJYMXJWZUglMkZMMXIwQzNtU0xWYWZHeSUyQndwUlFZMzNpSDVCUHhOVHJDZmtNVlBtcjB6QTUlMkJnJTNEJTNE&cb=9156002804
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
t.ssp.hinet.net/ Frame AF0F
36 B
400 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
f0d1839883afac63bb452dc7a99e04a84fe3c6835e0e1d36d81fc99f81be1284
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ Frame EAA1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310110101&jk=1760137629804170&bg=!UFOlUxzNAAbFpEfJ5aQ7ADQBe5WfOEN_fIM96uCzWNMnoxjVAKqypSfDl6yEuB_MItgjn2F4_c-L1loQV0FbOP9oyvmNAgAAAE5SAAAAG2gBB5kDExUYCBUnTryYGOhAOd4M2-FWzn0N6vU00U2hVjRwj93wYO96wHCA4PwCt2k_Efx01IeuX-qV7Vo8S5TyIC52qizeyK5AK3xqk9PkcXp3XpQIRg2wYgns8XY2Rl3q86S2njbErkmOEBRoqhPHDr26X2Mfm9eG4BdSC6RgOaISWzH2x1RX0gyQRmPNmGunyc4dh00CdGLEhPOPRU0NhDcJo7ck4AK5W9ycBJbnzVdMsbGbbX2skHRnpbpfIdKSPQWaFknFRpL-bZJ3svA8q1p25DD5kRiHL7MF6Pt6dJv8bTJSRJW_sV1KFxuYflWt74aQW7Ewulw_dxkxQuIa71byfxW6YoQ_n8nZopTb_8y-h72zRFdf50WFypSz1ZiH_rivNKvL5zEPztrEa-FNhSCR_0Q9KlTfqRuCBJ0gRdm0jdjuBlrpq9aUAslfxG7Y7jYLjMCqYiRQ0_7ErWHTBOXss-6daqeCTomkiGZU8xGuJnzANfFUgpQFoIKXDiDMU06HIOIapDNv70YcpqTIK-NDGKzZ_pLsQOrd2bouYfWyDzTLeTQ9EB8coY807in8zmW8jLLpopWHHULS1rIXEFZi13gX3AxStN9_a6pH1A_H_MoczCxUbRCgsgpV5Q_mXxiNL8ExPVhCr3rdeRNW5HOtSAxJzK75tI1YNtK8ppssOqoGZDZaV39Dna33LwFtABBCnLLy0DVcmdNTgzCGlGs0RdNsfIaDak38tpBe6SLepTic6MQderZ5hHpVzYQWvaPt6-BCpMWDJljsHz6fBt5CzbpO3_y-Y2tPQZbRT3PgBqvcAx9gd57nhyzGkY4Dgaoo4--9CxU-Rgr0w1OJecSidcTX2kQjWxuXmabcdl3kc3yF_Ncu41fkrf6W3PjzdBBhsrU2snHvIBjs4Y-UBYvb-Z-2oQE8fsCoci7O5N-kvNxQv2L59ZRmdmgfVyoUAbxh6ZB_h5-ZQ-4wweunZBHcNNNGOGPpfXufGZZdgOkNDth2iTbqfk884y9_ro7w7AvpYIadhduXSxqXyanW8dSHmzRUeaI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

events
bidder.criteo.com/csm/ Frame AF0F
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame AF0F
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:42 GMT
pixel.gif
static.criteo.net/images/ Frame AF0F
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:42 GMT
sid
mug.criteo.com/ Frame 3E05
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=d7kQ4F9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJJTJCM2hielpGNVptTThjMnE4U2VDOEEycDJPck9nNFpCeH...
  • https://mug.criteo.com/sid?cpp=PjX7E3wrWFNSWHFlZXBRQWhoSW9sZFJBL3Y1REJjeEZPbXZIMU5zUjh3OUMydGRpdStrTEtCWmdJTGt2Tk0wWlNVZUZSczVvMGJxNlV2VVlSNDk5ZisyQmdUT3l2NjFVVDJTdk95THo4ancyR05abzNwZHZOekU3S1R0c0...
428 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=PjX7E3wrWFNSWHFlZXBRQWhoSW9sZFJBL3Y1REJjeEZPbXZIMU5zUjh3OUMydGRpdStrTEtCWmdJTGt2Tk0wWlNVZUZSczVvMGJxNlV2VVlSNDk5ZisyQmdUT3l2NjFVVDJTdk95THo4ancyR05abzNwZHZOekU3S1R0c0pvblNYdkZhMHpxc0llVDJ3VWQ2bjFMTlNDc2g5MkZXR3VvbkFIOWoreStucjR3MnlxT2tMNVBHQ2ppREdKWUpBejZ6eWlDZjBBUlAwYUJXQjRpRk1ibTRUNkE3Mk1Pc3BHYklVWDluQ2ZjMTQ2U0NTRTV0YWhnRnRqeXFNSk1DQjR3YUIrL0NwU0RoLy8yYmhTTFU0cG1sR1EvQjNoQT09fA&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0234687ab7c26f0d3643b77bb57e1fef6159b02fc29bbcde139ebe4515027d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
722808
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=PjX7E3wrWFNSWHFlZXBRQWhoSW9sZFJBL3Y1REJjeEZPbXZIMU5zUjh3OUMydGRpdStrTEtCWmdJTGt2Tk0wWlNVZUZSczVvMGJxNlV2VVlSNDk5ZisyQmdUT3l2NjFVVDJTdk95THo4ancyR05abzNwZHZOekU3S1R0c0pvblNYdkZhMHpxc0llVDJ3VWQ2bjFMTlNDc2g5MkZXR3VvbkFIOWoreStucjR3MnlxT2tMNVBHQ2ppREdKWUpBejZ6eWlDZjBBUlAwYUJXQjRpRk1ibTRUNkE3Mk1Pc3BHYklVWDluQ2ZjMTQ2U0NTRTV0YWhnRnRqeXFNSk1DQjR3YUIrL0NwU0RoLy8yYmhTTFU0cG1sR1EvQjNoQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
287629
content-length
0
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0FFD
91 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981482a48a67a3c76a964e77e6ab6a5647954b7e8dfeaf3d5d8c5c19ff6f90f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29828
x-xss-protection
0
server
cafe
etag
616 / 19646 / m202310100101 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:43 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ Frame 0FFD
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
67326
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134722
x-xss-protection
0
server
cafe
etag
2928310903106852838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 07:16:37 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 0FFD
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1476992532260848&correlator=866511036841828&eid=44777901%2C31070232%2C21065724&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3De0d330846be019b1%3AT%3D1697421520%3ART%3D1697421520%3AS%3DALNI_Mb7bkjBH1s5_niiXx6-uZUkwIutTQ&gpic=UID%3D00000c6338a2f94a%3AT%3D1697421520%3ART%3D1697421520%3AS%3DALNI_MZzKsZJ2eeyscVjIIy7yHVFUu_KtQ&abxe=1&dt=1697421523482&lmt=1697389123&adxs=1850&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=d3a4twwl4qkc&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=6&url=https%3A%2F%2Freurl.cc%2FGKjnKp&ref=https%3A%2F%2Freurl.cc%2FGKjnKp&top=https%3A%2F%2Freurl.cc%2FGKjnKp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2126258022.1697421520&ga_sid=1697421523&ga_hid=1406370559&ga_fc=true&dlt=1697421523184&idt=269&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8761800fddb340215c1ee8417ebd1172572f9e09ed4c27f3f0dc2d9bc5091673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12268
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0FFD
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
867217676dd41030e4901a4bdd59868e568d3d16a7d08d73a89dbd46a3372bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12133
x-xss-protection
0
container.html
478daf98188a8312f1f449755c505cdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F167
6 KB
3 KB
Document
General
Full URL
https://478daf98188a8312f1f449755c505cdf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:43 GMT
expires
Tue, 15 Oct 2024 01:58:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0FFD
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 01:58:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7558
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:25:56 GMT
expires
Tue, 15 Oct 2024 01:25:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F34
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8a4e27b4a9b5dca43ee8f1009abd852cd5879cff95ca1a2bdc8e50836033b377
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GkpAlbYAo4gJ43LfhpT40A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GkpAlbYAo4gJ43LfhpT40A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:43 GMT
expires
Mon, 16 Oct 2023 01:58:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 7558
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 23:45:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 23:45:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F34
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310100101&jk=1476992532260848&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame F07F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXGsZEi2YFuVssiMNht-E8o8U8eif6ToMaRGNiCa8E6xbS_Y2aADo_AekzaJgvG45vKdsYdFr2nFo3xqv_LBqlAw7lLg6wU2Gc20id0TvZv-oS2-yBhrHjxWkP-qTrxqtENNa8XSbgbVP1Mmxr24HhUFuegqXRmirrymHrh7i_9C8WicK2TDET89t82FwdTO5Ieyb4G4zAURiAEJXpvGTC-FCtJOKEeM53YhbaBM-z4HepFuChMuxvFtgiwDlsMPlzhXoh3ULhtLV8vZ9SMwNKIP4kB-a7XPgKHudYrFvVSZIHgs7YYPvD0N4ZwY0dsPECXqOr6ukwKEr6ERYkgfyVPYpzLKaaVFAh1JpyFjf7k8eMykZjxKljigqpFYOU-ijPTt30F9CxAQ&sai=AMfl-YSJ4OWqoKj_Pd-XIIpUArvQz33i9YcZg6CBAl7Yoq1ChGBly3AQNno9OneT8_GWn2cV4jOteaKSH5UlpGDnwwFymfkxVdsHEzm9QMOErj0QHzby3pyu35V6o1Q1cdQ&sig=Cg0ArKJSzBYusYtCngP8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 01:58:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 7558
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7Pr1Fw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6C1B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste100xLvFULbv9Hu4HUZMarfuS4p-65b1zRFidBQTB9BwTZLPVBFULTq81GrMzVM600WcmBmrXmp2CfMhCNa5axtjNMOtDB4NFejKirUOq3OK4H6gv0aIV6ijDj4Xyt-L-k35TvgmDMr6NCBRMgO5Ry56xJanw20KNHq8uHLtphsYhuMZSm-zbMqBEIRkbijeBbr3Ow6NRXvAHeCnCksDXHhxzcXi5fHTki4lWHAop95mtFE1JPTftDv8oImA2hkbuewh1ws2Z_iNqrV38k1_V-JPTfa_gmuVJwZkntgtp7gNsamDnHnyUwNP0WQdSJArJcEfO5qPLTnq4ZQ9udQtJCOMQIr7kTy0V4TYnnul7ZacklOmUvtgzFw8r9SdC7pu6CfW9TjY&sai=AMfl-YQ_-4XC8hv4MKRib7uosohSZLUbj3y1yYFLHxz56g77yYuiKLV2zk0NYJgL5CVHJsGbCropqSkpQRhc2b1vup1C_Vgpn-Mx_eqEBOSTt8MQO_e2w5tTHSY5GyCO64U&sig=Cg0ArKJSzB2nyDydW9AvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 6C1B
9 KB
9 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e15342517755abc1831a42d004f007ab0e00cb26bbbd6aa6c4193d89bb882

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
f8_4CwQTT_UnBXRtf02aiYVk9aB8D47H
date
Mon, 16 Oct 2023 01:58:26 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 03:42:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
19
x-amz-server-side-encryption
AES256
etag
"9d3aeb1c087722541820446aebcd8c24"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9235
x-amz-cf-id
5_a5LXEBCg7g-PIpAaFQFRmkf0WlR4VJ_VPjhP9zPb_02nDCgBstyw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C1B
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:44 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 7C63
9 KB
9 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca8708ceeec43763993d2daff2d9d2ab337e64fcbba5031b6f626e609e2db08f

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
28
content-length
8961
content-type
text/html
date
Mon, 16 Oct 2023 01:58:17 GMT
etag
"56c880695a57094a5870b3120df2ca74"
last-modified
Mon, 02 Oct 2023 00:31:32 GMT
server
AmazonS3
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
x-amz-cf-id
j44fwtObrJ6O6v_eTOS7oj_Q17zAer2pRIMG6ieXJ08z0KWp0tCoWQ==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
eW6cWzcOOb6T61HVOGfEzVZoubEHsljb
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame E6A5
8 KB
8 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Mon, 16 Oct 2023 01:58:20 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
25
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
5LgdDNNlmroKb2RSkuCQaRJEivyrBg_OEVpyELsrQBkViOUtkpRWeg==
/
cm.lndata.com/ Frame 7C63
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 16 Oct 2023 01:58:44 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 7C63
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.220.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-220-218.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 7C63
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 7C63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
0
55 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:42 GMT
age
2
x-guploader-uploadid
ADPycdsxGHuiDD9OE7WE9q7NOuXkMr7Z1ipJ2smETqmu-vJQyZUpUGe8fGYxcO-ssUVy4Fe6ZZDirnPV3g6pnE6YGeB-gI-ks59Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Mon, 16 Oct 2023 02:58:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame E6A5
1 KB
639 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ads.js
ad.holmesmind.com/adserver/ Frame E6A5
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=3&o=1&fc=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5e61b1924895912b716882d2d037501b7716aaab9ac5f2b138a9592c96c300b2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E6A5
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
zViEijnkM6M-8XTbkieMZV9fg0c-U4CATpXdNwakh-naCtEnyaE4wQ==
publishertag.js
static.criteo.net/js/ld/ Frame E6A5
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:58:44 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E6A5
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
25
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
vEREJyAFvg4U4xLtqJc0zatGrDRRzbAjGZfTruLnFgD3SVkkFPTUdQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E6A5
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
5ab9yfG8GexEHYbjjhPpcACBZ-uWyA311yIv2ooOiETR34qukL_3uA==
appierV2.js
cdn.holmesmind.com/js/ Frame E6A5
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Mon, 16 Oct 2023 01:58:13 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
32
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
41OH2m7R83foV56LksoQEm3uvoSigexhVDGkL-lnGT_98ErqbMVmkQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E6A5
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
wI6AZn2SYshFBZRh6YJrR4QreeRwblEhj-prhZdlegtsg8uNveq7Bg==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E6A5
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame E6A5
0
168 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.0903228692854714
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 16 Oct 2023 01:58:44 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame E6A5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 16 Oct 2023 01:58:44 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E6A5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
4 KB
2 KB
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6fe1470abea1c7d9d20252551a25fa83745e9a8ebfe33133b812f6c0383f2c12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Mon, 16 Oct 2023 01:58:44 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
utag.js
t.ssp.hinet.net/ Frame E6A5
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 16 Oct 2023 02:08:44 GMT
syncframe
gum.criteo.com/ Frame 6B31
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:44 GMT
server
Kestrel
server-processing-duration-in-ticks
817832
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame E6A5
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=06NSpV9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJR01ySUp1YTVMUk1aeVNCZGpPS3dacGZnS2lsbjF6RCUyQks5dmVsRFFBVHpyRUxzUzM0eFlTT2wlMkJMUWlhcTNvJTJGN3NpdVVvZWUzUkZUeWVMbTRYVmU3RWhseiUyQldVcTEyRlFtT2RIeVJEdHNLWGpJZ0xKZHlnT1pQWFFJZEp6Q1dGUSUzRCUzRA&cb=60294818203
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:43 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 0FFD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310100101&jk=1476992532260848&bg=!ODulO3TNAAbFpEfJ5aQ7ADQBe5WfOE0rfd-MgQ3WGFhrrJAYbC5YGL4zkTWA_KiRrLkEixm_j6S3DasHW0ZQj8GmLxcEAgAAAFFSAAAAFGgBBwoAOCCTYZpmXo7EjVqOKEQfLwXO5QR5v9G5echmwSGqqWHo2rPAzngq6wtClDvFPKINDcJVZVPsf2jlmQNJgZ-gRrh-WXOoyB-9Sv0Y3nrZnQGBod4Mk74wgXHBNn26OiutPOQSpAulFMcnJr170ARxfIFVGK8s5fhB4MwwHmIvAd_KrojmAIfaLF7CGQt-9OS52qKFlTYbxFZOsbKpazipVaEpZJYap00-R1bhRCg72ES4mAK_kNLMmnhaVb73PfJJ6P-FmhK0GLMpYydVA9rlbF3EXoxafzd-rtC7S_kJg2HjC399K-x2qjjiU3362P642nNFu_l57CJMMrMwar-FvniZwwQaGLbVywjDCX2Oa_fKmXdGY27chwJ-qUy2fChJTbtt2EFmKJq7xqAXc4rfmDOmUhX2VtVigrv0WqVrqFD_XI_qhSi2qSbGXDr9ilqVtjl7L76BhD5_ZRgvFW6Ch3r66kTHqSvZ2tm-im7izetCsWLOa2Kc44ZiZzkWAZll1MvmkV5WkRV0l44bgOBv6QieM3qiSpuLuBwTGXQ7570RstopxLf-IYA2YePYElwGR_lpHlZHbyioqn4otqfSTVa82InG1idS7DNV1-g0h_T7tVHWXKRKpRjTuptYYu7PBrgiwQ2JtiA5Jp4sXvKO67ZxnIvgLegwyycrF412ZkAKCWgXWwqymWglyhqmFWNNur9w4VoyxKJ7X3I0FFA4DdXZbgYiT0h4n8x4X72bHTk3owRY9C1RfByq_VTBZKbBVWUkMmCuDTSxmuNkWzHkCDcbggQYxvaJqnzD_WKXOj7Df5DHJjreGv3ZhWZeM28ULA-LuEvp76Nxs6-_32HSXa_7ZB9ENWPeYJsxHg-3S1NOO94TWhLo8BcpRn5SY9myNxwnWtYTF6iE7whstOdKCa-sjDXy9VAFRJQ4e8QtwRTayHEyb2pp3S-HS8_ll9YLNXXSAdy1c8XlEKHbu000Q_toTGSmyZBwRqd5hKgs6AoQ-WLgCCBcIwtqodJ6Gw5sbEnU0_n73sSIlzcCu1KO2lA0goyFBNL2-Sck20ln6F9xJAPr4J6BswPxAAz1yT5fbvsHRNqx9YdO88QK6TXlnVPvJ_CrMPr8gmSmhxjiF0VQQsPb3oehlTbxbimr51hmr-mpKFu9V-lDFRa8VqpJvUb33VUr7CLAnT-CiktILQ5cAFTafg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

drawV2.js
cdn.holmesmind.com/js/ Frame E6A5
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=3&o=1&fc=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
49
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
7Z35CjwOYv021tyuZXzBO3QowFHhRTx7Tss4TkQ6T7ggmeMy0Spy_g==
pixel.gif
static.criteo.net/images/ Frame E6A5
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:44 GMT
pixel.gif
static.criteo.net/images/ Frame E6A5
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:44 GMT
events
bidder.criteo.com/csm/ Frame E6A5
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 6B31
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=06NSpV9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpJR01ySUp1YTVMUk1aeVNCZGpPS3dacGZnS2lsbjF6RCUyQk...
  • https://mug.criteo.com/sid?cpp=aKAsKXxmNDVvamhLK0pGZjNzWGhCVXRQL2F5c2x4WTJrdWcwOEQ4ZXJMTU1rUzUvVkRlS1E4WVczaDl3VGRsbnR5RXlFeWhOUnNaZitJM0dUMWNVSllCTkgrRGlFd0xJV0V6aml2OEFhTXdEd3FTUy85WjdxMXVKZ2xzMn...
425 B
667 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=aKAsKXxmNDVvamhLK0pGZjNzWGhCVXRQL2F5c2x4WTJrdWcwOEQ4ZXJMTU1rUzUvVkRlS1E4WVczaDl3VGRsbnR5RXlFeWhOUnNaZitJM0dUMWNVSllCTkgrRGlFd0xJV0V6aml2OEFhTXdEd3FTUy85WjdxMXVKZ2xzMnNVQi9GQ2JSRkpObmE1NUNIK3pmZHhOeHNzeVRtRGdZN2kreTNjaE5LTE41WDdHM2ZGOThtWmdWQmtrUFFTUmVzQ0xrQlFRRlh0ZTdWYmU5aXhYYi9iWGphSFAzU3ZHeUorcGhreWhqODF0bXlabEFyejRqc2RPVGJueUFtNVpROFZjMTFZQ3JtUkRYL0lQU2llNE4vTGlIUG9uOTJQdz09fA&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
162f0deb11224c5601f49d2c84c19247a0d606c338115c627b7bc5c802a9d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
718325
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=aKAsKXxmNDVvamhLK0pGZjNzWGhCVXRQL2F5c2x4WTJrdWcwOEQ4ZXJMTU1rUzUvVkRlS1E4WVczaDl3VGRsbnR5RXlFeWhOUnNaZitJM0dUMWNVSllCTkgrRGlFd0xJV0V6aml2OEFhTXdEd3FTUy85WjdxMXVKZ2xzMnNVQi9GQ2JSRkpObmE1NUNIK3pmZHhOeHNzeVRtRGdZN2kreTNjaE5LTE41WDdHM2ZGOThtWmdWQmtrUFFTUmVzQ0xrQlFRRlh0ZTdWYmU5aXhYYi9iWGphSFAzU3ZHeUorcGhreWhqODF0bXlabEFyejRqc2RPVGJueUFtNVpROFZjMTFZQ3JtUkRYL0lQU2llNE4vTGlIUG9uOTJQdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
274205
content-length
0
expires
0
truncated
/ Frame 6C1B
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fc98828746801f4df4fdf0f91b936770fba881103beb3e7a5eb52f308baeb9f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6C1B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQG2fL2ly1u99lpSuv-tMiq1Km4H3hFCOHRW-ocQlywWQ-fGQWVAzh1OW7rWUVefsXk1h58Ewvi0LYbPxKSlJJeagcBw2rUkcEScBWDe1yzsjd3mLY1OKt-YZNMTUf3Kvaw7honr9h7JqcLAZGUKSEJKDLjfky8QrNEu3tKYFaFlsVfgbENT8L90IFK2uhJYHhGqGt4z4KF4CFPGQAcEqA8gblGPPSyxK4RATR88DtOs4jCbeeGZRiWJ_HwMRRpA4oruqUk0DPGUt-a3NLVwKYvF3bgUM0cP6E6d9WLwqd9VZcoY_nLTaoQ1VWNLWVMxB4g_ugUJVgXBpbLGRzcmaxQzsgSqYPK2A98NzWWsLs8ys1BJznJBWSDP4JcWRUCgBqCOVBFZ8DLw&sai=AMfl-YQItV5Sgu6rxftPSJ9QYJxDoaD3CwCml1xxDtQdaFNOppm5Pv3z_a3kMn7AxnpSaX3m3PXPJI7KXD5BmnMWqVvJ8rma-ELJe6MO-cAtlGNdrowpyMTKOsth7xXTGtI&sig=Cg0ArKJSzNwW6tTC0jpBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 01:58:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 14FA
91 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a40944ee19f466c7bf95f5befbaacd5dde9de5d2f2f058fccb6865b630c0382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29823
x-xss-protection
0
server
cafe
etag
62 / 19646 / m202310100101 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:45 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ Frame 14FA
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
67328
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134722
x-xss-protection
0
server
cafe
etag
2928310903106852838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 07:16:37 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 14FA
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1969818118053003&correlator=3137352043832055&eid=31078261&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3De0d330846be019b1%3AT%3D1697421520%3ART%3D1697421520%3AS%3DALNI_Mb7bkjBH1s5_niiXx6-uZUkwIutTQ&gpic=UID%3D00000c6338a2f94a%3AT%3D1697421520%3ART%3D1697421520%3AS%3DALNI_MZzKsZJ2eeyscVjIIy7yHVFUu_KtQ&abxe=1&dt=1697421525148&lmt=1697389125&adxs=1850&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=iewwii7x4nwc&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=9&url=https%3A%2F%2Freurl.cc%2FGKjnKp&ref=https%3A%2F%2Freurl.cc%2FGKjnKp&top=https%3A%2F%2Freurl.cc%2FGKjnKp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2126258022.1697421520&ga_sid=1697421525&ga_hid=1955661908&ga_fc=true&dlt=1697421524951&idt=182&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7af5386444d83eb5eef91bb28dc83036efa3c361deb344902b906a2622002749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12279
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 14FA
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c5c86001981c6a3c41974abad892cbc2729585b880f164a63532110a130a7fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11959
x-xss-protection
0
container.html
58996e0448e9a2b59468d7fc5fbf5b16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7AB6
6 KB
3 KB
Document
General
Full URL
https://58996e0448e9a2b59468d7fc5fbf5b16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=9
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:45 GMT
expires
Tue, 15 Oct 2024 01:58:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 14FA
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 01:58:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1A06
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnPZv9AvbSqJXhZ3TW9Y5-8OyFDNLA8fNLr-9k7qz7T-vSjhIz7HNZVtZzkSPUmc-P0Z2EMl1gUyIB8AplClxrIL2PvV_7y5pt44z56Hgom8xbeFR_J2dmAy6xJEACvzvU4EtTZPJpUTeosyRJ7FEKLvoCr0l00ZDABREqzd5Usu1cL2c5_F3XFSRRzdR0ATtJjnjlBF6LYIkL6hv_QyHBhwhVG38q9oVsQQy4W5ol7QGjSK9amE7rsvgE1OBgb5lPaXi_ryQKQJ6GWwUnANoRqw9bRnYu2xTudMQyLUymabjeUXWh6J9VJvIeVfATtd77wMiSet0v6NfxEjQ23qziu5m88eQ5eOI00xowBkp9VDX0HGBjzLe8pMYTM7sNp0gEtIvCMEo&sai=AMfl-YRMv8SA7oqiKWGl-FXHwItqRUN1ESrsVz99RhtTQjmZFz5Nm6Fj4qUq2NASoh7MAG8RspU-nAzKxOElWOkjLYIzvUuzanDGKyERF2K1vzvsx6dbYHXfEFrnPwfUSrc&sig=Cg0ArKJSzME7YamwiV_SEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 1A06
9 KB
9 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8e15342517755abc1831a42d004f007ab0e00cb26bbbd6aa6c4193d89bb882

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
f8_4CwQTT_UnBXRtf02aiYVk9aB8D47H
date
Mon, 16 Oct 2023 01:58:26 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 03:42:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
20
x-amz-server-side-encryption
AES256
etag
"9d3aeb1c087722541820446aebcd8c24"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9235
x-amz-cf-id
axmqQz7jyG0QtkT2mv8wUm7GAox-6GnwKzLER9-xRBXwjHYtBv6sRg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A06
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 01:58:45 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 3024
9 KB
9 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca8708ceeec43763993d2daff2d9d2ab337e64fcbba5031b6f626e609e2db08f

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
29
content-length
8961
content-type
text/html
date
Mon, 16 Oct 2023 01:58:17 GMT
etag
"56c880695a57094a5870b3120df2ca74"
last-modified
Mon, 02 Oct 2023 00:31:32 GMT
server
AmazonS3
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
x-amz-cf-id
yjeWnBWWh0-tCxpJCe1j2whb8t5AQr1f8Um2dfrUiHCuFWLeCPMrvA==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
eW6cWzcOOb6T61HVOGfEzVZoubEHsljb
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 7D75
8 KB
8 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Mon, 16 Oct 2023 01:58:20 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
26
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
C-ctglRuCKJW_mohb5zfk045UEkrJLMvfgaRjqQ_6v2qmyLxaGTiYQ==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9936
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:25:56 GMT
expires
Tue, 15 Oct 2024 01:25:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD4A
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9c4e40302f3cd122b3d1fe1877a78e7052ed7a4b2190f1b02472e1e2e3567b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FZLklnfPmWcz2V9GWyN2Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FZLklnfPmWcz2V9GWyN2Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:45 GMT
expires
Mon, 16 Oct 2023 01:58:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
cm.lndata.com/ Frame 3024
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 16 Oct 2023 01:58:45 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 3024
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.220.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-220-218.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 3024
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 3024
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
0
23 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
x-guploader-uploadid
ADPycduxcj2pxuE7c4bfU4nVanR8AB2dnS5ciEQbZNXqMhTQ7Ju9ufwnTU3nzfgTSQmJp96ydWhTGG-wSwyPI8sPd2cu
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Mon, 16 Oct 2023 02:58:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=659295-hSGxcRlR5Rf3G3nGtgtgpvlEqQzBaAUH&uu_m=undefined&google_gid=CAESEO12AL_WIRehrfES9wEnVdY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 7D75
1 KB
639 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 9936
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 23:45:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
8006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 23:45:19 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 7D75
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=7&o=1&fc=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.179.151 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-179-151.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
71fcb758a1b44ffea9ce29b94e3a97899f5735cbf0c62930415c7dc7d529322e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 7D75
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
VHcCJ8Y7WMDbhollrryOVOlfYHCTiPtlI63j9sFbJOB9aT9_GQkBDw==
publishertag.js
static.criteo.net/js/ld/ Frame 7D75
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 01:58:45 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 7D75
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
26
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
q4n8mB52M8vw6CecNQEtev6Dmf2Zm9_t4lvfGXtwA8UWEfkBC3mfGA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 7D75
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
t3oarsYlv-_yDb5coOz3CNkVELK-o2K93OLjzjxZW7XkqVCLKy99bw==
appierV2.js
cdn.holmesmind.com/js/ Frame 7D75
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Mon, 16 Oct 2023 01:58:13 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
33
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
ZtXlkcidYq78mfWxO31-WsqKpLAKfW8GrOHQpISqGJ_X0VO7STu17g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 7D75
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Mon, 16 Oct 2023 01:57:58 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
NcMzbni2rjIU70X-g6n2cmJ69k6GQgj-df_Tpp4YJduUqZhmrGwnXA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7D75
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:45 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 7D75
0
168 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5489849044188078
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 16 Oct 2023 01:58:45 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame 7D75
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Mon, 16 Oct 2023 01:58:45 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 7D75
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
4 KB
2 KB
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/GKjnKp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
69b8051ab1b22ac11773f10d68d967938867e49106696b6b4f711eaed804579a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:46 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Mon, 16 Oct 2023 01:58:45 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YPMqEAuAA5C20MnU0ZgsZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
truncated
/ Frame 1A06
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9962bf2e01643eeca6671ffe56e289e9ca8c71a9ad4587df2240eed151b42cd6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame BD4A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310100101&jk=1969818118053003&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 9936
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_T6yMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame 7D75
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FGKjnKp&n=7&o=1&fc=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&d=1&b=2&ts=1&ii=2&FPCK=7117-ecugZ5tOsO4yi9w90ixS2eITnXuevm6v&fp_uuid=7117-38e49ec5ef22db05cd767a3d2fd6c23e302104dae34c69dae7cbcfcb3f5e9786&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Mon, 16 Oct 2023 01:58:41 GMT
via
1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
50
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
H0iA9FuEYhZOihsfIRQWd1ZxExrnaI6yVCGB8d7t2uyGZ352clYkVg==
utag.js
t.ssp.hinet.net/ Frame 7D75
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Mon, 16 Oct 2023 02:08:45 GMT
syncframe
gum.criteo.com/ Frame 9871
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:58:45 GMT
server
Kestrel
server-processing-duration-in-ticks
996638
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 7D75
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=6NGOEl9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpMaFNseHNDOE1uNWNqbWoyWld5a2pqbkpPJTJGWUUyNVVDWUE0Q0x2NVdpeHRoR1klMkZ4TkFuTG1QWFcxWjdnblNzbW5UNGZPcGc0YUp5Y2g0a0lLdHpVZWR3QlVZZCUyQklod0dkRnZMeENlTDB2JTJCNmVRRkxVNkp6OXNBTTdUQlNLWGFuUSUzRCUzRA&cb=74013113746
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 1A06
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUeVLoh6gkwQg_TXAaeP9p0NI2_s3OaR-bbGkYhDVA_67MyVpbLkMhj5q80_GxzMM5Tg21V7CK3oYwh5Uwqv5lZLPWfkwD-o4DoQPjJFFlkwPhHODCNR1x15v7Wwv3ycv9Ed-ByLIfFUhVn9D0vuauIFbtmNhHNAsZgHYwepVn5Z8mmy8eOHuw2HgfNzPzRglQe1y2A_8OO8-31nK-P8rNVmqxfMvny3TTZSvPIwpebwrNEJ47lRfVaqSoMkE5HwW-_ISMdvY3x2aRTK3HteL6SUKcGNQKsMdiVb6nZuQwwop1aMgUgb_51y5jH4IdFlDcsvuaL_ooDiefGob-zyfRr5hry242mX17KVFP01HFAwfKIfGeKc3NToxqTxhWK3fpEx-_fzryVQ&sai=AMfl-YQceFl7nkhehxAbybbvgUuXPDj3uoT902rMnaOhk1CIJ7QNCe-NepsmwMIswex7DDNpKmOG43v-cbxYWGy2iBhGw4LsNR6ADlNhWEh1YexjHq4bj8ErWZiy_yENu7w&sig=Cg0ArKJSzIzWcZcJpXN8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 16 Oct 2023 01:58:45 GMT
pixel.gif
static.criteo.net/images/ Frame 7D75
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:45 GMT
pixel.gif
static.criteo.net/images/ Frame 7D75
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 10 Oct 2024 01:58:45 GMT
events
bidder.criteo.com/csm/ Frame 7D75
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 9871
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=6NGOEl9Yd3c2SkVmM2xYVVVjb2xHbWl4dFpMaFNseHNDOE1uNWNqbWoyWld5a2pqbkpPJTJGWUUyNVVDWU...
  • https://mug.criteo.com/sid?cpp=agHCEHxzZEMyRXdPZ0EyUnAvYXBHV3VFMUsvd3o3UjR5ODJHbFRkdHRUci9idTdMWHdtUGVKVkxpNFZBVW5Sc1ZiN0dXbmgxWnY4WWYxZU5qUllwaVlpU0VkYUJPSVZxRFFqMDZ4L1hPeUdmMFd3emZ3R3ZUb0l3WERPcU...
425 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=agHCEHxzZEMyRXdPZ0EyUnAvYXBHV3VFMUsvd3o3UjR5ODJHbFRkdHRUci9idTdMWHdtUGVKVkxpNFZBVW5Sc1ZiN0dXbmgxWnY4WWYxZU5qUllwaVlpU0VkYUJPSVZxRFFqMDZ4L1hPeUdmMFd3emZ3R3ZUb0l3WERPcUhiRXNldmpTQjhFTmJmcnZIOXdtQ05oN2RiNHVsQzE4a21JTnVHcWZUb0t2bUNWV243YStYVkwxZitYSFRZemNKa09UL1Z5R3hYVGhDU0o4Zyt0VFgxVzhDVytmcWNCcS9IR3RzU01mQmFYNDBHUG5NRkl2d001dzVDODNCTUh6VlFxdElyS2dlcU9RMG9VOFM0Y0s0SFRTazBMTmxLZz09fA&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bc6dbaca8fa4873c057d8ab46bbe5324766db282afaca1dac4323e38b3818a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1719399
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=agHCEHxzZEMyRXdPZ0EyUnAvYXBHV3VFMUsvd3o3UjR5ODJHbFRkdHRUci9idTdMWHdtUGVKVkxpNFZBVW5Sc1ZiN0dXbmgxWnY4WWYxZU5qUllwaVlpU0VkYUJPSVZxRFFqMDZ4L1hPeUdmMFd3emZ3R3ZUb0l3WERPcUhiRXNldmpTQjhFTmJmcnZIOXdtQ05oN2RiNHVsQzE4a21JTnVHcWZUb0t2bUNWV243YStYVkwxZitYSFRZemNKa09UL1Z5R3hYVGhDU0o4Zyt0VFgxVzhDVytmcWNCcS9IR3RzU01mQmFYNDBHUG5NRkl2d001dzVDODNCTUh6VlFxdElyS2dlcU9RMG9VOFM0Y0s0SFRTazBMTmxLZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
236682
content-length
0
expires
0
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3ab0&_p=2012606512&cid=2126258022.1697421520&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1697421520&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FGKjnKp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/GKjnKp
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 01:58:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 14FA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310100101&jk=1969818118053003&bg=!goGlgc7NAAbFpEfJ5aQ7ADQBe5WfOHvxx0k_5-FHPrnORYNLWRXXMw6J3BeoohpHPlhTEqDSaBXJV6YVYZGeYLK9VkEWAgAAAFRSAAAABGgBB5kDiX2puMTAcKDxbG7VHbYQ51TauhppjMzKZAAd6zL04X_SdRUA1pVU9F73QZjwNzsvdTt1_ya8Eo5vhDgTO8TXAEKqEYfhDcGeqDuTgz3xZiCZgZNlLa6sPBxl_O1m8FWSvcSyBFXaTCU4CL-Wx0_N3mKW6z0exs2uO5VaJihOIkUQGruDs7GMYjHxTf0bT9LIraLkTq_8jZuPqA5ZO4kGUlmxk-zjtb9DxT-sRW6LmIxGAodTnhEu-6NxZoYaztmrdD_yNUJKU0u2bPSAQGgRGZ7IOer1f29ZJQFKt-fGKqLpVv8BE9968ZbamgsFqjb41A_5ZmOQKIvbiL40LzolIfDqFxSKGkuh5ccuzs6t_QQWwOKsguIX7dKWtLQln2HrQ3Xa82raYnrmL80tvqGgoKwAUQRFVY6EhaQEb0pFMQKI19kesKZxX_BkCNUkOA4CVOe5_AZTLcohdQFq7imfD98iouaGruoS6U1s7szpTGgnjbnASMWt4O1t_l9p0iB4sbU5V9pt-XdqFl_9p8MDfAUGIGLQXaUwn_mwhN_6LyBRidrVpPR97cey7J9i2VQDeXxz2RwFqG4tGb3qIIxGIyHEUzSa0xo0qEWlAAwcCN6LqMdcA3l_Jcu32hY0BEp0S1JU4EOFjlnwzEMegtklxa47FUJXZNsbii7M6JzxMdqmkr3h9KtuuAcz84ID8cC57Zo2n1ynVUUOBI8JpWNEzYnAk30B9S4ildqf7F-7Vg-XiS7ovvT_sXqgocoUk2meMq2RY3XgfIWMfvuE89CM-WKyCWQshPbJTomVNuYjNBmpmOGaKv0XFRDN75BJHoJrm30aP-4UFUDD2dV6gSV5EZZs0laEVXaaTMvvueDbtr6cPIW5T7QRfQoUHPQCTMpXetvxqq7UVrdl2mVOWLW2ML3ZXKSWLFD5T9r-fS9m11A17wQrS5ThaQixfJed5MQPbAWsINet3VNJxK3u3MZmpL_SapBaPMG4qS6XBa717GnFCOlVh15y1ghQhmTBie-Nhff6IWZK_ztq58Ihhq9qUWN9bi-BWFuv3vqVaZARyRcsHUlLuaenvQHj8hvxjusR-32q4tWuYdCHyFJOXbsJb2IT5iQjDMe3ngqt8_7umoloKHqzAWOxl7xZzcwtFmsy8ck-90lxAMFH_RkXNQ-1oWJD7C4Cp4RUMk0gikv2jbKHciejCUny7pUC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/GKjnKp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ED12
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FGKjnKp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19646.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1009259686&__s=%3A%3Amhp6qc&__hsi=7290369918039614546&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__hs=19646.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7290369918039614546&__req=4&__rev=1009259686&__s=%3A%3Amhp6qc&__sp=1&__user=0&dpr=1&jazoest=21857&lsd=8T-RHn2UAit7meo0WzOw2j
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| gtag object| dataLayer object| googletag function| Vue object| renews function| getRenewsFeeds object| app object| sas object| adloox_pubint object| anymindTS function| startAnymindTS function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady undefined| google_measure_js_timing number| google_unique_id object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma 
function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| brWidgetInit object| truvid_protected object| google_image_requests

45 Cookies


3 Console Messages

Source: security, Level: warning
Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.

Source: security, Level: warning
Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Source: other, Level: error, URL: chrome-error://chromewebdata/
Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
