heroes.fws.tw Open in urlscan Pro
172.105.237.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heroes.fws.tw/
Effective URL:
https://heroes.fws.tw/
Submission: On November 22 via api (November 22nd 2023, 4:03:18 pm UTC) from US — Scanned from JP

Summary HTTP 259 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 43 domains to perform 259 HTTP transactions. The main IP is 172.105.237.221, located in Tokyo, Japan and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is heroes.fws.tw.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.

This is the only time heroes.fws.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	172.105.237.221 172.105.237.221	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
15	2404:6800:400... 2404:6800:4004:828::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.42.23 65.9.42.23	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4008:c13::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:813::2008	15169 (GOOGLE) (GOOGLE)
3 20	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
36	2600:9000:20e... 2600:9000:20e4:1000:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
4	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
7	54.250.211.17 54.250.211.17	16509 (AMAZON-02) (AMAZON-02)
3	52.199.184.125 52.199.184.125	16509 (AMAZON-02) (AMAZON-02)
11	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
4 8	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8 45	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
4	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
4 8	2404:6800:400... 2404:6800:4004:826::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81e::2003	15169 (GOOGLE) (GOOGLE)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	13.113.7.192 13.113.7.192	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
9	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
3	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
5 10	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
5 5	172.105.221.29 172.105.221.29	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
21	2404:6800:400... 2404:6800:4004:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800e... 2620:116:800e:21:c338:3a39:7c0b:1a51	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	52.198.14.149 52.198.14.149	16509 (AMAZON-02) (AMAZON-02)
2 2	2406:da18:929... 2406:da18:929:5a03:f39c:a2b:35d9:afdd	16509 (AMAZON-02) (AMAZON-02)
1 1	51.79.152.76 51.79.152.76	16276 (OVH) (OVH)
1	183.79.219.124 183.79.219.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
3	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:400a:80e::2003	15169 (GOOGLE) (GOOGLE)
2 2	34.124.209.251 34.124.209.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	52.73.244.107 52.73.244.107	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	18.179.244.128 18.179.244.128	16509 (AMAZON-02) (AMAZON-02)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	172.105.213.147 172.105.213.147	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	15.197.162.181 15.197.162.181	16509 (AMAZON-02) (AMAZON-02)
2 2	23.36.17.70 23.36.17.70	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.176.234.133 18.176.234.133	16509 (AMAZON-02) (AMAZON-02)
1 1	52.73.146.218 52.73.146.218	14618 (AMAZON-AES) (AMAZON-AES)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
259	36

27 172.105.237.221 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: mail.fws.tw

heroes.fws.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:828::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.42.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-23.nrt12.r.cloudfront.net

cdn.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c13::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:813::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4004:810::2002 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2600:9000:20e4:1000:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.250.211.17 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.199.184.125 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-184-125.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
997a671b-6fcf-415b-80fc-820075640b30.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.201.76.93 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 142.251.42.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:826::2004 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.113.7.192 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.190.36.98 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.105.221.29 (Tokyo, Japan) 5 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4004:80a::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:c338:3a39:7c0b:1a51 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.198.14.149 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-14-149.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a03:f39c:a2b:35d9:afdd (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.152.76 (Singapore, Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: ip76.ip-51-79-152.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.219.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:80e::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.124.209.251 (Singapore, Singapore) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.244.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-244-107.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.244.128 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-244-128.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.213.147 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1867-147.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.162.181 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a8590cb26bb827b98.awsglobalaccelerator.com

tracking.prismpartner.smt.docomo.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.17.70 (United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-17-70.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.234.133 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.146.218 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-146-218.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	holmesmind.com 4 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 99095 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 140223 fcm.holmesmind.com — Cisco Umbrella Rank: 171076 Failed fcm2.holmesmind.com — Cisco Umbrella Rank: 131344 c.holmesmind.com — Cisco Umbrella Rank: 98234 m.holmesmind.com — Cisco Umbrella Rank: 148053 ad.holmesmind.com — Cisco Umbrella Rank: 93797	481 KB
57	doubleclick.net 11 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	165 KB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	581 KB
27	fws.tw 1 redirects heroes.fws.tw	1 MB
16	appier.net 11 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 47637 gocm.c.appier.net — Cisco Umbrella Rank: 2603 a.c.appier.net — Cisco Umbrella Rank: 15453	4 KB
11	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 74825 997a671b-6fcf-415b-80fc-820075640b30.t.ssp.hinet.net	12 KB
9	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	128 KB
9	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157	813 B
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
6	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 757	1 KB
5	youtube.com img.youtube.com — Cisco Umbrella Rank: 3752	58 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	255 KB
4	lndata.com cm.lndata.com — Cisco Umbrella Rank: 132817	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	196 KB
3	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	1 KB
3	gstatic.com www.gstatic.com	17 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	2 KB
3	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 85892	519 B
3	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 22680	526 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2101	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	admeme.net 2 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 24882	612 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	878 B
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 25486	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 6641	233 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 98389	684 B
1	docomo.ne.jp 1 redirects tracking.prismpartner.smt.docomo.ne.jp — Cisco Umbrella Rank: 122462	312 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1397	676 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 27875	516 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9432	293 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4670	614 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3754	622 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	389 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	81 KB
1	doublemax.net cdn.doublemax.net — Cisco Umbrella Rank: 723683	3 KB
259	43

	Domain	Requested by
36	cdn.holmesmind.com	cdn.doublemax.net cdn.holmesmind.com ad.holmesmind.com heroes.fws.tw
35	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net heroes.fws.tw
27	heroes.fws.tw	1 redirects heroes.fws.tw
21	tpc.googlesyndication.com	googleads.g.doubleclick.net
20	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	heroes.fws.tw pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	ad.holmesmind.com	cdn.holmesmind.com heroes.fws.tw
10	ad2.apx.appier.net	5 redirects heroes.fws.tw
10	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
9	static.criteo.net	cdn.holmesmind.com heroes.fws.tw static.criteo.net
8	www.google.com	4 redirects heroes.fws.tw googleads.g.doubleclick.net
8	c.holmesmind.com	4 redirects cdn.holmesmind.com
7	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
6	www.googleadservices.com	heroes.fws.tw
6	bidder.criteo.com	static.criteo.net
5	gocm.c.appier.net	5 redirects
5	img.youtube.com	heroes.fws.tw
4	x.bidswitch.net	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	m.holmesmind.com	cdn.holmesmind.com
4	cm.lndata.com	cdn.holmesmind.com
4	connect.facebook.net	heroes.fws.tw connect.facebook.net fcm2.holmesmind.com
3	px.ads.linkedin.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	prebid.scupio.com	cdn.holmesmind.com
3	prebid-asia.creativecdn.com	cdn.holmesmind.com
3	fcm2.holmesmind.com	cdn.holmesmind.com
2	e.dlx.addthis.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	um.simpli.fi	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	v9999.adv.admeme.net	2 redirects
2	match.adsrvr.org	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	www.google.co.jp	heroes.fws.tw
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	heroes.fws.tw www.google-analytics.com
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	sync.srv.stackadapt.com	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	tracking.prismpartner.smt.docomo.ne.jp	1 redirects
1	a.c.appier.net	1 redirects
1	t.adx.opera.com	1 redirects
1	ds.uncn.jp	1 redirects
1	s.uuidksinc.net	1 redirects
1	fksnk.com	1 redirects
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	997a671b-6fcf-415b-80fc-820075640b30.t.ssp.hinet.net	cdn.holmesmind.com
1	analytics.google.com	www.googletagmanager.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	www.facebook.com	connect.facebook.net
1	www.googletagmanager.com	www.google-analytics.com
1	cdn.doublemax.net	heroes.fws.tw
259	57

This site contains links to these domains. Also see Links.

Domain
tw.nexon.com
forum.gamer.com.tw
mabinogi.fws.tw
www.facebook.com
creativecommons.org

Subject Issuer	Validity	Valid
heroes.fws.tw R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doublemax.net Go Daddy Secure Certificate Authority - G2	`2023-04-24` - `2024-05-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-07-28` - `2024-08-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://heroes.fws.tw/
Frame ID: A140D618C08CC274DFC5472F9DF0C6F6
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 06A4474B89A238F6A85FEF1D2DCEDB33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 9AC7C9496C337C5676183DFFE33F2F7E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 1BD8433FE949B223D3F51C3A41245875
Requests: 27 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: CCC852D894F422C5A69FA0E4CAF94B9F
Requests: 22 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 62239B058AD494D21AD91DF8649EDE25
Requests: 24 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: E7119424E5EE50397133788FB1A784BC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3487FECFF426A13160182B79E162F398
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 810A83050B15C6FC0C5C7D499EE56FC9
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 8208CBFCEC754F6C43DC24944CFE4FA8
Requests: 5 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 042500C90EA4D5599E343B93DDFC025A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: D87E0869D622559573331254BCADBE4E
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 1262FE20500B028DAE0529FE6F7AFBDA
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 0D41D8BF456EC972A837D15970321FCA
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: C0999C97A312A59E51742CE71817B50A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: A144C4009F8A335D9C7F7EA9846FC5EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=200&slotname=6046854383&adk=2923980901&adf=2555147040&pi=t.ma~as.6046854383&w=200&lmt=1700668993&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993382&bpp=116&bdt=107&idt=514&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6487858868370&frm=20&pv=2&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055%2C31079698&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=542
Frame ID: C5A5DCF56850E620EA8E5D1AED20F42B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&adk=1812271804&adf=1573534164&lmt=1700668993&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993509&bpp=2&bdt=234&idt=428&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6046854383&nras=1&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449
Frame ID: A237E841097CD5DCD81B06BFDD89A7AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E7B58BB3EA9F70E1E38F0355DF02CB21
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A77D8F199893FB4CB02806089AA17607
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 24102A35BEEB95AC7BDEE98285BBC4CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700668994&rafmt=1&to=qs&pwprc=7679182516&format=1200x280&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668994667&bpp=1&bdt=1392&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dddbdf72f74819881%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA&gpic=UID%3D00000c94403e5c22%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ&prev_fmts=0x0&prev_slotnames=6046854383&nras=2&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&psts=AOrYGsl9-XcwGSf2Rr-EwuOwTRaAU-GfSgBZlquGulwRQZCAUqymww_Ata17WLaOkivUC5NqChFkfxjd8vT41ZFWQZ_QYJUR&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Frame ID: 19E03D88BD058CF9A4801D2B9502913E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=280&adk=4116931236&adf=3418144085&pi=t.aa~a.754343309~rp.1&w=975&fwrn=4&fwrnh=100&lmt=1700668994&rafmt=1&to=qs&pwprc=7679182516&format=975x280&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668994667&bpp=1&bdt=1391&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dddbdf72f74819881%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA&gpic=UID%3D00000c94403e5c22%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ&prev_fmts=0x0%2C1200x280&prev_slotnames=6046854383&nras=3&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&psts=AOrYGsl9-XcwGSf2Rr-EwuOwTRaAU-GfSgBZlquGulwRQZCAUqymww_Ata17WLaOkivUC5NqChFkfxjd8vT41ZFWQZ_QYJUR&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Frame ID: 55DAA88F5D2D423A8839CF2CB0073958
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=90&adk=2480414160&adf=3296512626&pi=t.aa~a.678885450~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1700668994&rafmt=1&to=qs&pwprc=7679182516&format=974x90&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668994667&bpp=1&bdt=1391&idt=0&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dddbdf72f74819881%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA&gpic=UID%3D00000c94403e5c22%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ&prev_fmts=0x0%2C1200x280%2C975x280&prev_slotnames=6046854383&nras=4&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=2266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&psts=AOrYGsl9-XcwGSf2Rr-EwuOwTRaAU-GfSgBZlquGulwRQZCAUqymww_Ata17WLaOkivUC5NqChFkfxjd8vT41ZFWQZ_QYJUR&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Frame ID: 5B29FFF2713D6E7E7567C0A4DDC52CF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: CD7A01453E39C65C87CF883F71047E5C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6B1C281910BAAE24D7F1C741D0842DB2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 47BF74477E11E6A65891EE979058C976
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AAC3DD9D9D1B2F12600D99739D46D226
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C52CA7D743D835EB6F6B6A1B224B00E6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 684EA669E645B8722172AE0A1DE61E6B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE5190D543469FBF6891E97C80768A44
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=e%E3%83%9E%E3%83%9C%E5%95%9FS%E3%80%8FFO%E3%80%8E%E3%83%AB%E3%83%90a%E9%96%89%E3%82%BB%EF%BC%B20%20%E9%96%8B%E9%97%9C%E3%82%B9%25m%E3%81%A7%E3%81%8C%E3%83%91t%EF%BC%92%E3%83%B3%E3%83%BC3
Frame ID: 82AF16B29AA300CB1FC2B8F27DD933A7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6FFF52AA428A4465CB04A34CCE6336BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8AF7B19850A5526250838D6A5818D2A2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 4426C01A43A64AD696306A4FD246BC2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 652BBDBAC41ED86FF7F42B34B36EEEE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: A8D3C113A0C3590FCB6D6C308A3D0887
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新瑪奇英雄傳 :: 奇幻HEROES

Page URL History Show full URLs

http://heroes.fws.tw/ HTTP 301
https://heroes.fws.tw/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

259
Requests

84 %
HTTPS

40 %
IPv6

43
Domains

57
Subdomains

36
IPs

7
Countries

3343 kB
Transfer

6162 kB
Size

64
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://tw.nexon.com/mh/zh/home/
Title: 瑪奇英雄傳官方網站

Search URL Search Domain Scan URL

URL: http://forum.gamer.com.tw/B.php?bsn=16583
Title: 巴哈姆特瑪奇英雄傳哈拉版

Search URL Search Domain Scan URL

URL: http://mabinogi.fws.tw/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TW.PlayMH
Title: Nexon新瑪奇英雄傳

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-nc-nd/3.0/tw/
Title: 詳情

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heroes.fws.tw/ HTTP 301
https://heroes.fws.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMhjFQ1xnSsHbTSr9qkzt4M&google_cver=1

Request Chain 62

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEH6qtvKMuCH_tlu9yg7h5sA&google_cver=1

Request Chain 69

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFC6s8DKYDSv9CSWGJpIxkU&google_cver=1

Request Chain 82

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDOhkc6Fy1lwvhtcTVAf13c&google_cver=1

Request Chain 114

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=wu8Zsc7CDc-SRKBNQSZeZQ

Request Chain 117

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=UrATqC8rBcuqCjKIQSZeZQ

Request Chain 118

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=BzLI0fZBDumFAIgsQSZeZQ

Request Chain 119

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=APSp7z2xBoaaS8yAQSZeZQ

Request Chain 121

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=_5S5T1WvDmiBkz_mQSZeZQ

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 160

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFNM4gy7N8MyYeR-1DK2lgU&google_cver=1&google_push=AXcoOmSd36OWlDBDdUVhyOfPjEfQ-7ogE1fJ9GDSMIWIhhxiANsmswuSx4oS8XbYViWn0vAciyF-9SpGSgwbaYpvznR6ts47qOOjsyfk HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEFNM4gy7N8MyYeR-1DK2lgU&google_cver=1&google_push=AXcoOmSd36OWlDBDdUVhyOfPjEfQ-7ogE1fJ9GDSMIWIhhxiANsmswuSx4oS8XbYViWn0vAciyF-9SpGSgwbaYpvznR6ts47qOOjsyfk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTIxMjgxMTktYzlmMy00ODVhLTllNmItMjA3YmIwOGRmN2Ey&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e2128119-c9f3-485a-9e6b-207bb08df7a2

Request Chain 161

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEMWqh_y_8MpfKMVR1rCR3tU&google_cver=1&google_push=AXcoOmSbhSBth3etjKkmexPjaJsszHeGuAElvE2cl8Suu_YVFjo_dk_50lJUUcVN7a7RG0nYkGBS_kj5c8nYlpgbwAeCMYjyKdUdA1AL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSbhSBth3etjKkmexPjaJsszHeGuAElvE2cl8Suu_YVFjo_dk_50lJUUcVN7a7RG0nYkGBS_kj5c8nYlpgbwAeCMYjyKdUdA1AL

Request Chain 162

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFUnpFVYhSYw4Eor6g5YI5M&google_cver=1&google_push=AXcoOmRqt9Qqp1IsQnzVN7gI3eAL-zcCDfXg_pm0PwWAKwt0oFbMyyPZL4Nf7JuroyRDdkemWJBwnKd59SybogmxS-Dvv8vivnNCv-M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqt9Qqp1IsQnzVN7gI3eAL-zcCDfXg_pm0PwWAKwt0oFbMyyPZL4Nf7JuroyRDdkemWJBwnKd59SybogmxS-Dvv8vivnNCv-M&google_hm=eS14blFMUmRGRTJwRzdJUS5LQTBYcTFmaUJkckU1c0xOOH5B

Request Chain 163

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFSm7fEssqN7vRRimocVo8c&google_cver=1&google_push=AXcoOmRbpsYxUXUhaJA33yZOGJns6RGl0b6Ns5iRdPxOHj2RsHzoO_lSEnqLOKzpi9Qjqe2OSMEFmO3_gZ2LjkRTdxwsMv_VqOy0PjpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRbpsYxUXUhaJA33yZOGJns6RGl0b6Ns5iRdPxOHj2RsHzoO_lSEnqLOKzpi9Qjqe2OSMEFmO3_gZ2LjkRTdxwsMv_VqOy0PjpI

Request Chain 177

https://googleads.g.doubleclick.net/pagead/adview?ai=CL1a-QSZeZdbDOq2Dpt8PtJiyyA_P_dyrdMf917qREsbY9IqMDhABIJ_j1wZgifPFhPQToAGJ-LzWAsgBAqkCGlLbW-zfPD6oAwHIA8kEqgTNAU_Q-saZz5VtM9vfr4LJItBDybS-ssRd57OlxuwqV4ifjXF7cy_HidHvlDYN_QoOAAMr2gvaU-rmhMek50FdR4E2v8qCPZVwkdnXIR3QEVpUR6WLWHn0SpQGhW-LCHFdw6m0OQp1TtqKsnXotrO_jqiGldkHyuNESzmIj2-yvMcVZi6XJrMwDv_6u2krQN2bFB1uhrAM7n5gDjjDLuzRcYVHjA0zQc8itEHUQeDyPD7YS6zdlLceuCRjyKwQPjveZvBD1Z5t_RnuDR702kXABNilmMbGBIgF19PRtk2gBgKAB9-Hw6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ06sN0ggUCIBhEAEYHzICigI6AoBASL39wTqaCSZodHRwczovL3d3dy5rYW8uY28uanAvaHVtbWluZy9zaG91c2h1L4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQ4KrW4PirpIObARICAQPYEwPQFQGAFwGyFxwKGggAEhRwdWItMzc4NjEyMDg5NzkxNTMwNBgA&sigh=c8348bNuFZ4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNmYWXzN7SJ-0aGuB5Oe3ochuQQQJiPlUuyfrGJuAiZ5iiThmjW9XZjpDLuSxMd0R36xxhQZa3_hgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x22eb793064ad75800000000000000000%22,%222%22:%220x71b4db03656994e20000000000000000%22,%223%22:%220x87a7674d651236480000000000000000%22,%224%22:%220x873d167b3f87015f0000000000000000%22,%225%22:%220xc3a43a3d08090f810000000000000000%22},%22debug_key%22:%2211247466061083584530%22,%22debug_reporting%22:true,%22destination%22:%22https://kao.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22718224393%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214835330327726845313%22}&andc=true

Request Chain 210

https://um.simpli.fi/gp_match?google_gid=CAESEOFpq2Z6eAeLVsXCG3paIIA&google_cver=1&google_push=AXcoOmQmDW3HLDXLb3U4VmCaDfEtb06QiazRM3tiDwa4ZMf5n3aVKeDDxlh6PIkoxF6Wardwr3hc21bj6mfa3VOix2aWdmu_Kp-tkAU6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADDD7F774048480FB8DC14FDE795B1C6&google_push=AXcoOmQmDW3HLDXLb3U4VmCaDfEtb06QiazRM3tiDwa4ZMf5n3aVKeDDxlh6PIkoxF6Wardwr3hc21bj6mfa3VOix2aWdmu_Kp-tkAU6

Request Chain 211

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBSHX8E_fqzp99Qi8qnKFYE&google_cver=1&google_push=AXcoOmQS_fLia22kUlvVMKEd4VDg9YzdgJnV7B2IIy0_KeR3n-8WDYHYmv_dhbYbsaAgvIJu2BTeqiMi0SPGRXH2jWfUhQD_k-7HHYCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQS_fLia22kUlvVMKEd4VDg9YzdgJnV7B2IIy0_KeR3n-8WDYHYmv_dhbYbsaAgvIJu2BTeqiMi0SPGRXH2jWfUhQD_k-7HHYCg

Request Chain 212

https://fksnk.com/cs/google?google_gid=CAESEBM_3xiFAMw7wbG_qIowO9g&google_cver=1&google_push=AXcoOmQUI9IXclSd8-Af8NJpmgEHSi9WHVAlVT_qleo6XLZzw6xI2VXbGq2_DF809A5qnMCy1y4lvIAxpy2waQTcQ5HUw0Ci_SXdTWev HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NEEwMTAxNTE1NzQxREMwRg==

Request Chain 213

https://s.uuidksinc.net/match/47/?remote_uid=CAESELB3cwFV0RrDNyG10UgGgPI&c_param1=AXcoOmSdsPBbulZWKY8Ozo-vGFv89UV8cDRDqPSSP4EluGNpSuJlsv7BlJflSsDZES-08TZ2s89Cn_NzG6dkw1nAaaJRL5x3Cns1JYZU&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSdsPBbulZWKY8Ozo-vGFv89UV8cDRDqPSSP4EluGNpSuJlsv7BlJflSsDZES-08TZ2s89Cn_NzG6dkw1nAaaJRL5x3Cns1JYZU

Request Chain 214

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHCWHmSWJ5peK0TphFYPC5M&google_cver=1&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r_b-LP_HxPHevAeewI2b HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHCWHmSWJ5peK0TphFYPC5M&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r_b-LP_HxPHevAeewI2b&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r_b-LP_HxPHevAeewI2b&google_hm=cjgtYWxhQ3FGYTNVN3Z0blhoanM=

Request Chain 215

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEEnxLhxo-sIdxiMgyo0od3Y&google_cver=1&google_push=AXcoOmQ7rD22uiddhNOngtaawG_6v6DEAFvoCEl0ScFdMPjNz2-NEKKsg5eiu_A7EbUD9Cgppdz8Iy-rVdYfJAOOnL5UPwD4scSdIwHi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQ7rD22uiddhNOngtaawG_6v6DEAFvoCEl0ScFdMPjNz2-NEKKsg5eiu_A7EbUD9Cgppdz8Iy-rVdYfJAOOnL5UPwD4scSdIwHi&google_hm=AdkgUvdtIUvXjhU9qksoceE

Request Chain 216

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQx_qeGDcrI5wGzf5FQuD4Q65_x_tv6Wy8-z8FKMe_uzrRdMvszs5nPNsg-d-n99NPnjYOhWSEDQ_UDDaM-Z1x3e0-IbpA3MHWxow&google_gid=CAESEDQdcVSjyJIuBF8tIZOeHNQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDQdcVSjyJIuBF8tIZOeHNQ&google_hm=T1BVZTk4NDBhY2UwZjg0NDllMzg0MzA1ODQ5OGE5OWNlZGU&google_nid=opera_norway_as&google_push=AXcoOmQx_qeGDcrI5wGzf5FQuD4Q65_x_tv6Wy8-z8FKMe_uzrRdMvszs5nPNsg-d-n99NPnjYOhWSEDQ_UDDaM-Z1x3e0-IbpA3MHWxow

Request Chain 218

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 219

https://um.simpli.fi/gp_match?google_gid=CAESEOFpq2Z6eAeLVsXCG3paIIA&google_cver=1&google_push=AXcoOmR4Lf2Pp2Q8j8llNmgnkIuzQfJZay9YkGgWgtTmmrxmMA-7I4dM-DOy3DToP-EZ8dB30hY2pe7ZkayXnmgkZI_hARiEibivMb8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE7CC9008C134407B0CC6E4CA865401B&google_push=AXcoOmR4Lf2Pp2Q8j8llNmgnkIuzQfJZay9YkGgWgtTmmrxmMA-7I4dM-DOy3DToP-EZ8dB30hY2pe7ZkayXnmgkZI_hARiEibivMb8

Request Chain 220

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBSHX8E_fqzp99Qi8qnKFYE&google_cver=1&google_push=AXcoOmQslizNAh_gy-w_nXngGRtwfo4ybQ0_lw-TJzN67Nxq8vAGjuiOw4ot6hA_I5j6JpsmfMloXjdOSJELtNU15_hJOX6ucL-4ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQslizNAh_gy-w_nXngGRtwfo4ybQ0_lw-TJzN67Nxq8vAGjuiOw4ot6hA_I5j6JpsmfMloXjdOSJELtNU15_hJOX6ucL-4ww

Request Chain 221

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEMWqh_y_8MpfKMVR1rCR3tU&google_cver=1&google_push=AXcoOmTp_nXSRhEqxbvluWYSjsH8LHMg33Yb0nyxnGEJzTFIeHX3AFPPNeMx7Hb8KKtXWkm60S7z4Nvz3OWstQTQF9B0ml2qKKiKbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTp_nXSRhEqxbvluWYSjsH8LHMg33Yb0nyxnGEJzTFIeHX3AFPPNeMx7Hb8KKtXWkm60S7z4Nvz3OWstQTQF9B0ml2qKKiKbA

Request Chain 222

https://a.c.appier.net/gcm?google_gid=CAESENOoDiZY6jaI7exj7zNghkk&google_cver=1&google_push=AXcoOmTNwOXc2Ju8wTxT_Nx4WZKY4k8hqVJD7oFvZwxlsDa9G4TWiBBKK1F8_u3sM6nPFceTpd0fb0yNXfx66_lwJ2Q_C0jbSIn0LK4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=d3U4WnNjN0NEYy1TUktCTlFTWmVaUQ%3D%3D&google_push=AXcoOmTNwOXc2Ju8wTxT_Nx4WZKY4k8hqVJD7oFvZwxlsDa9G4TWiBBKK1F8_u3sM6nPFceTpd0fb0yNXfx66_lwJ2Q_C0jbSIn0LK4

Request Chain 223

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFUnpFVYhSYw4Eor6g5YI5M&google_cver=1&google_push=AXcoOmQyWzNyGLrCWQNc-xJTTUsw-Fc3RbHk8SBr-wPYGgkCWZygYZcFAcTN5C5tWeM5PMDIBw0C5wiNZ6-ZsDAAYk60rP20MDspDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyWzNyGLrCWQNc-xJTTUsw-Fc3RbHk8SBr-wPYGgkCWZygYZcFAcTN5C5tWeM5PMDIBw0C5wiNZ6-ZsDAAYk60rP20MDspDA&google_hm=eS14blFMUmRGRTJwRzdJUS5LQTBYcTFmaUJkckU1c0xOOH5B

Request Chain 224

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZcWrFcT0Zhr-_0s HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZcWrFcT0Zhr-_0s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZcWrFcT0Zhr-_0s&google_hm=PKPpm-M5TOS_4cDL4QkjGw==

Request Chain 225

https://tracking.prismpartner.smt.docomo.ne.jp/sync/adx?google_gid=CAESEH4L8SX5qV03I3sWsgqy8P4&google_cver=1&google_push=AXcoOmTo2TsJwfmNT1srAjFxPQYKKSquwnfimULwU6OWTgpSEHi0gSTsr40U9oKKpVVcOfqZ6bRyBcB0gfQfyAAdPD7rw1gdDlPvDPZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=OCGW5N0aQUitN3KjH6NgwA&google_push=AXcoOmTo2TsJwfmNT1srAjFxPQYKKSquwnfimULwU6OWTgpSEHi0gSTsr40U9oKKpVVcOfqZ6bRyBcB0gfQfyAAdPD7rw1gdDlPvDPZU

Request Chain 227

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 241

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBSHX8E_fqzp99Qi8qnKFYE&google_cver=1&google_push=AXcoOmRh197U1SQnK3ZsG0kZ_WdNzzM4U-Pll8Q3cvhhGC6uXmxbVjiLcPawdCN0EOBGpC7IinLmHOkZccSnY3Kz0JxPxBwMTIY3my0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRh197U1SQnK3ZsG0kZ_WdNzzM4U-Pll8Q3cvhhGC6uXmxbVjiLcPawdCN0EOBGpC7IinLmHOkZccSnY3Kz0JxPxBwMTIY3my0

Request Chain 242

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRM1_3rv4wOzg09YAOosUr__4mKrfs8A7Vo2KGbzJ-ZUrbrj6DJksLtRKM3tNvmGJ3lsS2OJ7R8EBh9lhx60Qp6PlyeaMS6AMg&google_gid=CAESEKxnqMMrQrxOFfX9FN53vNg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRM1_3rv4wOzg09YAOosUr__4mKrfs8A7Vo2KGbzJ-ZUrbrj6DJksLtRKM3tNvmGJ3lsS2OJ7R8EBh9lhx60Qp6PlyeaMS6AMg&google_gid=CAESEKxnqMMrQrxOFfX9FN53vNg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjIxNjAzMTUwMDA4NzU3NzgyNzY5MA%3D%3D&google_push=AXcoOmRM1_3rv4wOzg09YAOosUr__4mKrfs8A7Vo2KGbzJ-ZUrbrj6DJksLtRKM3tNvmGJ3lsS2OJ7R8EBh9lhx60Qp6PlyeaMS6AMg

Request Chain 243

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEIlAUjUsxFHprLKmStOy5bY&google_cver=1&google_push=AXcoOmRTC82MHHFbcZlS-H43EXKHMUJfkT6d5tOShNkZ7MIdQ9PmHEusEtwhA9asHoZZkmKYMmuPzjUKaDtJ-i0XAUdQDNHGEDQw9Ao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRTC82MHHFbcZlS-H43EXKHMUJfkT6d5tOShNkZ7MIdQ9PmHEusEtwhA9asHoZZkmKYMmuPzjUKaDtJ-i0XAUdQDNHGEDQw9Ao&google_hm=NTdURzNFMDFWQkRBSzAwN2g5Zjg

Request Chain 244

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw&google_hm=PKPpm-M5TOS_4cDL4QkjGw==

Request Chain 245

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKQ7dZsB1mo57M3zyexSDtU&google_cver=1&google_push=AXcoOmSbByEFcMCVHJeEqee1GRABfJrb31-ANgq7wJB1Lj_h693fVVWhlDeH1AvBVhvZ5o8mwWlsPCl3RMAnzR8VZXRN6FyvbJOy6xE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jsoMmg-FVohsPCSdOg444ZJGycs&google_push=AXcoOmSbByEFcMCVHJeEqee1GRABfJrb31-ANgq7wJB1Lj_h693fVVWhlDeH1AvBVhvZ5o8mwWlsPCl3RMAnzR8VZXRN6FyvbJOy6xE

Request Chain 248

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 251

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd6XEQSZeZfrfPNGQ8wOp7LHgAYbyk610kZnul6US2tkeEAEgn-PXBmCJ88WE9BOgAbWK7-sCyAECqQIaUttb7N88PqgDAcgDyQSqBM4BT9A9zI--cf3PVjj6qA4rXqoTKz3A98ufL8TkZqaq0Y-YDaHxE-w7vjT-_0eNzVBAvwH9fWe_u5sbfbh_O-AOiaowIGUbkbYzSGJFpQ4OpfcNChChbmoFfMyo9GFRVY3t_24Xc0DG9xf0pfSCCSn_q81AO3mqdpUofo0m6bfcsJd2rik314DabGxZFmUuZR7KwEoU787yidwGQULVNoRZy0ESRibDdY7CT4f1UjB9gOgKZQfaQ1GxzaTar8v-lsLtcA1DN61UcGmZRSe7j6zABIy07piRBIgFlpOhqESSBQQIBBgBkgUECAUYBKAGAoAHs_WQlAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCCrAzSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJLGh0dHBzOi8vZXZlbnRzLm5jc29mdC5qcC8yMy9ibnMvMTFzb3VsYm9vc3QvgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBAKChDw6525q9KWqTwSAgED2BMC0BUBgBcBshccChoIABIUcHViLTM3ODYxMjA4OTc5MTUzMDQYAA&sigh=SdYCzQutJ7A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN9pMI0bfu8vY1jeXM9fyYIcfHR_2Ik2GXeiqDGUK5qR-zzEReZ2DJ3stWR57OW75mgU5McwDbGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc34e327a6a5d5f2c0000000000000000%22,%222%22:%220x174dd9e8bef4ea8e0000000000000000%22,%223%22:%220x4db8696510cf8f870000000000000000%22,%224%22:%220x6e488a83ad59a94d0000000000000000%22,%225%22:%220x7b2b4b7054492b5a0000000000000000%22},%22debug_key%22:%2216460640610060680577%22,%22debug_reporting%22:true,%22destination%22:%22https://ncsoft.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22763086133%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22650440625084128257%22}&andc=true

Request Chain 253

https://googleads.g.doubleclick.net/pagead/adview?ai=CHFnmQSZeZfzfPNGQ8wOp7LHgAcDi9oh015-Fx_gR2tkeEAEgn-PXBmCJ88WE9BOgAY613pUDyAECqQIaUttb7N88PqgDAcgDyQSqBNABT9AUcEr0W0kNVV_QgByaEXehAh1Fa_hWs_srxxQBHC_LS9stp-rp5GPzc1FnMom-5egdJrRZG7OCMOjm4VECgUbBGWrhsz03xf6nDpRj7oc5w3WNyw_JcnJo4Qs9UEWn8JQeZSt0jLJuz5KElq0SnZyB41ai6sg9loCPWbQRkLKYwA3UVZgbSnQBHhAFrppSYWTYywRiHcOvLPJLAe8HeaQfPEFPaCaOUqcrqo4SE6HDvS0VqXrhI4QHalxFAT3ORrnhjGpi1SWrEc78Pp_EtcAEmpyCjbEEiAWLsMGpTaAGAoAH2sqhaqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMDFBtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgknaHR0cHM6Ly9raW5yby5udHYuY28uanAvbGluZXVwLzIwMjMxMTI0gAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBAKChCwxYbGgYC56XsSAgED2BMD0BUBmBYBgBcBshccChoIABIUcHViLTM3ODYxMjA4OTc5MTUzMDQYAA&sigh=VNp23nvivkI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN9pMI0bfu8vY1jeXM9fyYIcfHR_2Ik2GXeiqDGUK5qR-zzEReZ2DJ3stWR57OW75mgU5McwDbGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb3c2713083462d6c0000000000000000%22,%222%22:%220x91bc849c6d9496eb0000000000000000%22,%223%22:%220x15f0d42573036d130000000000000000%22,%224%22:%220xfe9b4ecf4e1190ec0000000000000000%22,%225%22:%220xd6ace7687c56f6b00000000000000000%22},%22debug_key%22:%224417805468365638240%22,%22debug_reporting%22:true,%22destination%22:%22https://ntv.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22850893454%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212902134297259323537%22}&andc=true

259 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heroes.fws.tw/
Redirect Chain

http://heroes.fws.tw/
https://heroes.fws.tw/

35 KB
11 KB

113ms
107ms

Document
text/html

172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

bca6c0e5b93bc379b11654ac30cca2036d0f9ab0c4d7612ba84d43ca263dc57f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 16:03:13 GMT
Location: https://heroes.fws.tw/
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H2 200 index.php
heroes.fws.tw/min/ 33 KB
7 KB 8ms
5ms Stylesheet
text/css 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

aede00b08890c2075d88ef07d1555858f0e381d069f5dfa2ead7ba66ffb8078a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
last-modified: Mon, 26 Jul 2021 12:41:33 GMT
server: nginx
etag: "pub1627303293;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=1800, public
content-length: 7130
expires: Wed, 22 Nov 2023 16:33:13 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 24 KB
10 KB 99ms
47ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64ff0d69ff135e979c8dfe4aa352a0cafb2a05cbec69e6411a4cd4d82bad2e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10182
x-xss-protection: 0
server: cafe
etag: 1125801100372308759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:13 GMT

GET
H2 200 mabinogi.fws.tw.gif
heroes.fws.tw/images/links/ 6 KB
6 KB 3ms
1ms Image
image/gif 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/links/mabinogi.fws.tw.gif

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

fa113b69db3c3fd744da1ed543c786d62a6cfd363f448ee70eeebacabec3345b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 18:00:14 GMT
server: nginx
etag: "52028b2e-164b"
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
content-length: 5707

GET
H2 200 logo_200x40.png
heroes.fws.tw/images/ 6 KB
6 KB 4ms
3ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/logo_200x40.png

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

454d7742bcebeffada5eaf2dbc06774bcf31f01d1de6067483e6b71e79d580b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-1647"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 5703

GET
H2 200 init.js Show response
cdn.doublemax.net/js/ 9 KB
3 KB 210ms
4ms Script
application/javascript 65.9.42.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/init.js
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-23.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
content-encoding: gzip
via: 1.1 332205537beb8db8f8773460fa04550c.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C5
age: 1
x-amz-server-side-encryption: AES256
etag: W/"2b18447e41c64d14195cefd72eb57400"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: nf3b1tlsmt_BzxGeYJfESphRt_rT0VtpOHGliAiK8oLoo9PPJkd-SA==

GET
H2 200 374c8c5dd1de820e220ae0d546f33cc4_480.jpg
heroes.fws.tw/uploads/screenshots/37/4c/ 134 KB
135 KB 4ms
2ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/screenshots/37/4c/374c8c5dd1de820e220ae0d546f33cc4_480.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

84370c62a8a50d35cc9b47bf485efbba0dac442b366a338310e3df1605b42ace

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Sun, 05 Mar 2023 15:35:12 GMT
server: nginx
etag: "6404b6b0-21914"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 137492

GET
H2 200 7b777b01d87001a7cc5c6ef1292ae44b_480.jpg
heroes.fws.tw/uploads/screenshots/7b/77/ 136 KB
136 KB 6ms
5ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/screenshots/7b/77/7b777b01d87001a7cc5c6ef1292ae44b_480.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

16191b1aad4c5728ea76a5d026e674004547558d71a166df2560695c7b6cd52b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Sun, 05 Mar 2023 15:28:25 GMT
server: nginx
etag: "6404b519-22094"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 139412

GET
H2 200 35016af6c850bfc3bd5318b45342cb4a_480.jpg
heroes.fws.tw/uploads/screenshots/35/01/ 138 KB
138 KB 1ms
1ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/screenshots/35/01/35016af6c850bfc3bd5318b45342cb4a_480.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

e4eb8b2c1a06570881e8eff7bea732fcddd5070597956fee9e0d60b92b72fdad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Sun, 05 Mar 2023 15:33:20 GMT
server: nginx
etag: "6404b640-2277b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 141179

GET
H2 200 f7fae2dbfb0b604f9c4944321691ed3c_480.jpg
heroes.fws.tw/uploads/screenshots/f7/fa/ 306 KB
307 KB 7ms
4ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/screenshots/f7/fa/f7fae2dbfb0b604f9c4944321691ed3c_480.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

d4ab91c0a11e9470dd1a9d7824080978b09c54abe17dc82c5b3994c903485327

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Sun, 17 May 2020 17:25:04 GMT
server: nginx
etag: "5ec17370-4c9aa"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 313770

GET
H2 200 f1826d4b72313423de6026213eff8470_480.jpg
heroes.fws.tw/uploads/screenshots/f1/82/ 140 KB
140 KB 11ms
8ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/screenshots/f1/82/f1826d4b72313423de6026213eff8470_480.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

0bab4c8b17495850b37555f64c7876bbdf5dfb406778acf96e58dddfc497d967

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Sun, 05 Mar 2023 15:31:04 GMT
server: nginx
etag: "6404b5b8-22e0c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 142860

GET
H2 200 1cfdbfe249920c67d8e083c5eba87d57_480.jpg
heroes.fws.tw/uploads/screenshots/1c/fd/ 280 KB
280 KB 11ms
8ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/screenshots/1c/fd/1cfdbfe249920c67d8e083c5eba87d57_480.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

21e52f95d8d14e2be9f825c76f6724e71512c94642f84ca5fac0ea6a3648c0a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Sat, 22 Feb 2020 19:36:03 GMT
server: nginx
etag: "5e5182a3-45ef1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 286449

GET
H2 200 c51cedcdb96ec5ad64caf9edba64a771_150.jpg
heroes.fws.tw/uploads/galleries/c5/1c/ 14 KB
14 KB 11ms
9ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/galleries/c5/1c/c51cedcdb96ec5ad64caf9edba64a771_150.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

7868353588939c8edca3210702868cb35f4e237b7367b78674e90b5ddcb7b7a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Tue, 25 Feb 2020 07:27:39 GMT
server: nginx
etag: "5e54cc6b-3943"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 14659

GET
H2 200 8981ba9ab93d67c8a245b1ba49c95b2c_150.jpg
heroes.fws.tw/uploads/galleries/89/81/ 10 KB
10 KB 11ms
9ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/galleries/89/81/8981ba9ab93d67c8a245b1ba49c95b2c_150.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

b23f95f5b27a5e49285084438253c36e395707c9821a0246f87e315562952808

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Thu, 28 Nov 2019 16:31:07 GMT
server: nginx
etag: "5ddff64b-27ee"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 10222

GET
H2 200 3a3a29bdc22358bd9d0b3e97c18ae2dc_150.jpg
heroes.fws.tw/uploads/galleries/3a/3a/ 7 KB
7 KB 11ms
9ms Image
image/jpeg 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/uploads/galleries/3a/3a/3a3a29bdc22358bd9d0b3e97c18ae2dc_150.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

ffd5f8f8beaf92a626e9f8e75403aafdb4e264fcc4f069ce04c4944b8bed4826

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 26 Nov 2014 21:40:45 GMT
server: nginx
etag: "547648dd-1a77"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 6775

GET
H2 404 469_640.
heroes.fws.tw/uploads/events/ 633 B
633 B 20ms
18ms Image
text/html 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heroes.fws.tw/uploads/events/469_640.
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: mail.fws.tw
Software: nginx /
Resource Hash: c244e79a27e9005194ed1d127779726a04b573104f9363c6581c3cc4953ba7d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 404 470_640.
heroes.fws.tw/uploads/events/ 633 B
633 B 20ms
18ms Image
text/html 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heroes.fws.tw/uploads/events/470_640.
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: mail.fws.tw
Software: nginx /
Resource Hash: c244e79a27e9005194ed1d127779726a04b573104f9363c6581c3cc4953ba7d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/GpbdJRHe1kQ/ 14 KB
14 KB 132ms
50ms Image
image/jpeg 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/GpbdJRHe1kQ/mqdefault.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f745c0340723027f927c6e86a99499f9ce65e516de0828874b07687db1e4a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14298
x-xss-protection: 0
server: sffe
etag: "1442940039"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Nov 2023 18:03:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/ci6wbyt6B7c/ 10 KB
11 KB 164ms
82ms Image
image/jpeg 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ci6wbyt6B7c/mqdefault.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19986902674c86b942ac30a01971b57fa943279966dfede3010de4ea80662df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10686
x-xss-protection: 0
server: sffe
etag: "1447239841"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Nov 2023 18:03:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/NzBgc_mGqYQ/ 13 KB
13 KB 129ms
47ms Image
image/jpeg 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/NzBgc_mGqYQ/mqdefault.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0117bac541af145608682cc14c09eeb12f25017e927bc47e437c968b24d7423b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13251
x-xss-protection: 0
server: sffe
etag: "1447059855"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Nov 2023 18:03:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/pY0jql4wtWk/ 9 KB
9 KB 128ms
47ms Image
image/jpeg 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/pY0jql4wtWk/mqdefault.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ae64422c005ec3637d4696aa288a0838927f2de5c502b9130379a30a4b1f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9027
x-xss-protection: 0
server: sffe
etag: "1446123826"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Nov 2023 18:03:13 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/_qIhsJq4AOM/ 11 KB
11 KB 163ms
81ms Image
image/jpeg 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/_qIhsJq4AOM/mqdefault.jpg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13caec60baa9c9e8c3946352ffd5b31a7b3b6a70652883c8ea5c2ca1811318df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11566
x-xss-protection: 0
server: sffe
etag: "1445762825"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Nov 2023 18:03:13 GMT

GET
H2 200 jquery.min.js Show response
heroes.fws.tw/js/jquery/1.8.0/ 90 KB
91 KB 4ms
3ms Script
application/javascript 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://heroes.fws.tw/js/jquery/1.8.0/jquery.min.js

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Tue, 28 Jun 2016 15:52:15 GMT
server: nginx
etag: "57729d2f-1698b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 92555

GET
H2 200 0910 Show response
heroes.fws.tw/api/facebook/script/ 491 B
709 B 22ms
22ms Script
application/x-javascript 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://heroes.fws.tw/api/facebook/script/0910

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

ab4ab77b11b8d2af410265ebb3bc5b174f16dc2707d7e5f48a3770d4720b7dda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 22 Nov 2023 16:00:00 GMT
server: nginx
etag: "etag-api-facebook-script-0910"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=3600
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 index.php Show response
heroes.fws.tw/min/ 19 KB
6 KB 17ms
14ms Script
application/x-javascript 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://heroes.fws.tw/min/index.php?b=js&f=jquery.notice.js,common/comments.js,layout.ready.js,jquery.blockUI/jquery.blockUI.js,jquery.blockUI/jquery.blockUI.init.js,jquery.marquee.js,index.js&t=2015091017

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

ed42acecb2c1a76ac5e2f20e6340f0ef8a2444ce87ca1f149d4600b2acace16d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2016 15:52:15 GMT
server: nginx
etag: "pub1467129135;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=1800, public
content-length: 6182
expires: Wed, 22 Nov 2023 16:33:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
2ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 15:30:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1957
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 17:30:36 GMT

GET
H2 200 page_bg.png
heroes.fws.tw/images/layout/ 1 KB
1 KB 10ms
9ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/layout/page_bg.png

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

b011920bee300becf8eb656555ff2205a49c72daeb9a29bfc666008514184711

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-496"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 1174

GET
H2 200 logo.png
heroes.fws.tw/images/header/ 4 KB
4 KB 10ms
9ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/header/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

8ff63409652cf38dfe846768ea9fc2a2bf12f8a79f40e4da204a4b366f782745

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-10d1"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 4305

GET
H2 200 header.png
heroes.fws.tw/images/header/ 14 KB
14 KB 10ms
9ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/header/header.png?0919

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

f7df937fc1f214a4e575e074a35b9d5f50efc38165bfcc574e2912e77ae02c49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-373c"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 14140

GET
H2 200 header_links.png
heroes.fws.tw/images/header/ 3 KB
3 KB 10ms
9ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/header/header_links.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

4ed6e216ee097c6895fa51a43bb1c2fbf1c3ad179c815a2a6f5d66d527ed0d6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-aef"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 2799

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 87ms
86ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7372ad48f6f1e88c1d7396eaaf4e39e7a6172fd3fcec4f9cbf5600c0e13b75a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52732
x-xss-protection: 0
server: cafe
etag: 8591404333032339346
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 83ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/api/facebook/script/0910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac599557be056f1cd4fe72d05c0ee0e8435c200f1023d3eb68cb184c430a4dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 16:03:13 GMT
content-md5: swJKhS+PcigaoYif9v+dXw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: +HRO1x9WepmkFAVtfkaLn9pZNX2GbjL6vyjgwDVaHBy8a1tHVSaVqNODDfDt6liIyGTdSU+Jlv3DXfhk/f9zHQ==
x-fb-content-md5: bd92cf1ddf2cf603af4521015af284bf
cross-origin-opener-policy: same-origin-allow-popups
etag: "f607cbf802392ccc6e7a8e3a18696fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:21:53 GMT

GET
H2 200 join_us.png
heroes.fws.tw/images/menu/ 2 KB
2 KB 1ms
1ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/menu/join_us.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

cb8e86ed483dc891a2a2bfac4028f348c8fa825166ab730d9c61871dfb87ccbd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-8a0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 2208

GET
H2 200 menu.png
heroes.fws.tw/images/menu/ 10 KB
11 KB 2ms
1ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/menu/menu.png?0520

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

5ab2323cd93bdc22bade9a8cc0f97987397b89024ebaf6b8666ced25c0fbaadd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Tue, 20 May 2014 05:58:53 GMT
server: nginx
etag: "537aef1d-2986"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 10630

GET
H2 200 table_head.png
heroes.fws.tw/images/layout/ 5 KB
5 KB 2ms
1ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/layout/table_head.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

274df39a6f9df7270ac4c38f280477df5b94008672bfe84ff1b25b096b7b04f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-14ab"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 5291

GET
H2 200 index.png
heroes.fws.tw/images/index/ 1 KB
1 KB 2ms
1ms Image
image/png 172.105.237.221
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heroes.fws.tw/images/index/index.png?20120810

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.105.237.221 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

mail.fws.tw

Software

nginx /

Resource Hash

d9e728ad46382631e6f4dfcd841a85850c44ede76e0d09939f73425ddcb7eb7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/min/index.php?b=css&f=reset.css,layout.css,system.css,js-jquery.notice/jquery.notice.css,js-jquery-blockUI/jquery.blockUI.css,index.css&t=2015091017
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
last-modified: Wed, 07 Aug 2013 06:05:50 GMT
server: nginx
etag: "5201e3be-4a5"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 1189

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
220 B 39ms
38ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1624658640&t=pageview&_s=1&dl=https%3A%2F%2Fheroes.fws.tw%2F&ul=en-us&de=UTF-8&dt=%E6%96%B0%E7%91%AA%E5%A5%87%E8%8B%B1%E9%9B%84%E5%82%B3%20%3A%3A%20%E5%A5%87%E5%B9%BBHEROES&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1972906697&gjid=2038832601&cid=2006913761.1700668993&tid=UA-6884291-6&_gid=2144330126.1700668993&_r=1&_slc=1&z=1347213445

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b1336e33edf8e9e1f3759332ebc171168000e0bd3bcba0580eef9a32a22a0f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
350 B 117ms
38ms XHR
text/plain 2404:6800:4008:c13::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6884291-6&cid=2006913761.1700668993&jid=1972906697&gjid=2038832601&_gid=2144330126.1700668993&_u=IEBAAEAAAAAAACAAI~&z=1327741574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 113ms
58ms Script
application/javascript 2404:6800:400a:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XCDZWDFBWS&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa626b76f650dec26370b9cef79d96ea01eeae1e9f32bca0fac005c2bb41902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 16:03:13 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 303 KB
87 KB 6ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=1b462c0709cc9fa78da1eb741e69f546

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b10d01c5f8584254eec298d5b61ffacbb63e8418b73cf2bd67e1826ba836d374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heroes.fws.tw/
Origin: https://heroes.fws.tw
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 16:03:13 GMT
content-md5: JJ4OyeQ3U9CgB2wMy774/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88501
reporting-endpoints
x-fb-debug: LaDbIpsKGtIGqvmkh7XDGa/pztMWrHYTO6+zjPGPgce3F0A8X6AF0ropkaUUe2R5FVuBqIdLfozMsUi7HmPJmg==
x-fb-content-md5: 3a7d2cbd4aa531146ac98d1dd3d3f7d7
cross-origin-opener-policy: same-origin-allow-popups
etag: "7442b679c0c14744f352490e8440d223"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Nov 2024 14:56:39 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 127ms
126ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0801c5b0c2816077526af9583a41e85d5738a790a8ba13cb2c71be13db7820d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137252
x-xss-protection: 0
server: cafe
etag: 17406922659731280260
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:13 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 06A4 9 KB
4 KB 41ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 47026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:59:27 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 02:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 152ms
142ms Fetch
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=335682796514071&input_token&origin=1&redirect_uri=https%3A%2F%2Fheroes.fws.tw%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=1b462c0709cc9fa78da1eb741e69f546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: R7ySYtu/tQR87xshyFpSEV/sSF4YF1yn7ForfHChLJg5H0g2PiBeHaf3W+KC1C3bqnQX/wsKkCShzKc7EKi0wA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heroes.fws.tw
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 9AC7 10 KB
10 KB 38ms
5ms Document
text/html 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 38
content-length: 9921
content-type: text/html
date: Wed, 22 Nov 2023 16:02:36 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
x-amz-cf-id: tCb3tIdS2dFcHq7gXeqYqKrBeVHUHQBlmHqJFdmaY7OJXEuOHnVf1Q==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 11 KB
11 KB 28ms
8ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e79dbbde99ef7b16ca553a9d4e659882ec86b9a194d98f16b45608a3c0a12159

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 7kzf.rPoPxeHW3CzBckwCl8NVUuutn6x
date: Wed, 22 Nov 2023 16:02:25 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:03:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 49
x-amz-server-side-encryption: AES256
etag: "17146d34b58c03c1f94c3989044d7b33"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10893
x-amz-cf-id: 79vRrbtPfWzr-lIc8gqS1udb_QXOMHRbdqStGNR3Ny9HdLYN2ndvQg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame CCC8 11 KB
11 KB 24ms
8ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e79dbbde99ef7b16ca553a9d4e659882ec86b9a194d98f16b45608a3c0a12159

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 7kzf.rPoPxeHW3CzBckwCl8NVUuutn6x
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:03:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 49
x-amz-server-side-encryption: AES256
etag: "17146d34b58c03c1f94c3989044d7b33"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10893
x-amz-cf-id: EnaN2gjnH0VxaA_vwUFx6siGAlP-K2-xxqVqysvQTmMyMarq-nTqEg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 6223 11 KB
11 KB 18ms
7ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e79dbbde99ef7b16ca553a9d4e659882ec86b9a194d98f16b45608a3c0a12159

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 7kzf.rPoPxeHW3CzBckwCl8NVUuutn6x
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:03:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 49
x-amz-server-side-encryption: AES256
etag: "17146d34b58c03c1f94c3989044d7b33"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10893
x-amz-cf-id: HrROQV4-G6R9JUUkxCCGByYn_j_SKBdJVyKs0RiaiqQPFXkJUiFsCw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame E711 11 KB
11 KB 15ms
9ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e79dbbde99ef7b16ca553a9d4e659882ec86b9a194d98f16b45608a3c0a12159

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 7kzf.rPoPxeHW3CzBckwCl8NVUuutn6x
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:03:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 49
x-amz-server-side-encryption: AES256
etag: "17146d34b58c03c1f94c3989044d7b33"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10893
x-amz-cf-id: d3QHutQ6pX8RW3pjzmMtZNZ3EP4bCPz54nMaL4nqU6qaJBobCx3tUQ==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 3487 10 KB
10 KB 11ms
6ms Document
text/html 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 38
content-length: 9921
content-type: text/html
date: Wed, 22 Nov 2023 16:02:37 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
x-amz-cf-id: raejiINbmV5rRhyizjBHCxYyxAAIGbvVkGWeRGvrm3DWmIfYH2YCTg==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 810A 10 KB
10 KB 10ms
6ms Document
text/html 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 38
content-length: 9921
content-type: text/html
date: Wed, 22 Nov 2023 16:02:37 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
x-amz-cf-id: qqnChLkX950m8ASwyUUOWbqYHB-kChMH-edI6lA7sE4XPn4MwjYIfw==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 8208 10 KB
10 KB 9ms
7ms Document
text/html 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 38
content-length: 9921
content-type: text/html
date: Wed, 22 Nov 2023 16:02:37 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
x-amz-cf-id: LEOdX_LyI3zqVhvINYXYLKOr43ClKpjvxrpuEvzYd0i4XZ_hWHevEg==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 9AC7 35 B
470 B 367ms
69ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 22 Nov 2023 16:03:13 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 0425 0
217 B 22ms
7ms Document
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:13 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame D87E 0
0

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 9AC7 409 B
632 B 18ms
4ms Script
application/javascript 52.199.184.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.199.184.125 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-184-125.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 16:03:13 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 9AC7 5 KB
3 KB 194ms
62ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 22 Nov 2023 16:13:13 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 9AC7 0
218 B 17ms
3ms Image
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 9AC7
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

153ms
152ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 9AC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMhjFQ1xnSsHbTSr9qkzt4M&google_cver=1

0
143 B

32ms
19ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMhjFQ1xnSsHbTSr9qkzt4M&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-guploader-uploadid: ABPtcPrEaAcEr98lLMfJTZIu4_8GTNq4k_2LG5J2-GGyCr-PFRDRFMTqv4jSyffa-T85oEtmRR49fPYRtXKtQuEHZ9xAFFrlU4TA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:03:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMhjFQ1xnSsHbTSr9qkzt4M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 92ms
45ms Image
image/gif 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6884291-6&cid=2006913761.1700668993&jid=1972906697&_u=IEBAAEAAAAAAACAAI~&z=808552461

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 86ms
42ms Image
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6884291-6&cid=2006913761.1700668993&jid=1972906697&_u=IEBAAEAAAAAAACAAI~&z=808552461

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 3487 35 B
470 B 368ms
79ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 22 Nov 2023 16:03:13 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 3487 0
217 B 11ms
6ms Image
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 3487
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

153ms
151ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 1262 0
217 B 9ms
6ms Document
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:13 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame 0D41 0
0

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 3487 409 B
631 B 6ms
5ms Script
application/javascript 52.199.184.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.199.184.125 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-184-125.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 16:03:13 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 3487
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEH6qtvKMuCH_tlu9yg7h5sA&google_cver=1

0
479 B

22ms
12ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEH6qtvKMuCH_tlu9yg7h5sA&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-guploader-uploadid: ABPtcPotoeTZxfqIF7pt_aqfzYZ9cuQMwGG274H17bpWvSmeo3oDUR4lJRxsjAqVU_VsOBKeqGG4EBazOkvuVbIsgkGM-5jXYGVE
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:03:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEH6qtvKMuCH_tlu9yg7h5sA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 810A 35 B
470 B 368ms
81ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 22 Nov 2023 16:03:13 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 810A 0
217 B 125ms
123ms Image
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 810A
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
507 B

153ms
152ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame C099 0
217 B 6ms
5ms Document
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:13 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame A144 39 B
191 B 161ms
161ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:13 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 810A 43 B
171 B 5ms
5ms Script
application/javascript 52.199.184.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.199.184.125 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-184-125.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9411a7bf658f760658859ce78832f3cf03291384b213a84f3a162a9922e4b0e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 16:03:13 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 810A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFC6s8DKYDSv9CSWGJpIxkU&google_cver=1

0
143 B

31ms
18ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFC6s8DKYDSv9CSWGJpIxkU&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-guploader-uploadid: ABPtcPpU2tCm4NxmtPpE9xnwG_wDhf-LlYEXNNzGHIymoRxTGmrpYNrXugOziAc4RLvT8qXiGbNsriEE17Q_buTK2WmOeuEzzcNy
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:03:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFC6s8DKYDSv9CSWGJpIxkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 8208 35 B
470 B 369ms
65ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 22 Nov 2023 16:03:13 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 6223 508 B
493 B 47ms
8ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=4765
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0699651878af29279dd8e75d6c253c604fb5688113161e4b46edf8c9dc8b2128

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 6223 30 KB
30 KB 35ms
34ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: FvavAqsSOcMfOshsO82-M1QGNAezX2QKIUQ_IFb4NL0A8VbkuV0znw==

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 1BD8 603 B
512 B 45ms
9ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=4698
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 74762ad6037682ad464b0cf9758a58eec881c6844a97e1f6f528ab2166332bac

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 30 KB
30 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: 3WSyEQQK_3ehduQpqSdTGeBgC_HdxNb5CT7SwdnNUsIXzp_9366KBg==

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame CCC8 603 B
512 B 39ms
9ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=4698
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 74762ad6037682ad464b0cf9758a58eec881c6844a97e1f6f528ab2166332bac

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame CCC8 30 KB
30 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: EHdV-QC76ynAyZLFu51TKffdndogYphqblkb2SeRsrfle6Xe-f3vsg==

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 8208 0
217 B 148ms
128ms Image
text/html 54.250.211.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.211.17 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-211-17.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 8208
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

153ms
150ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 8208
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDOhkc6Fy1lwvhtcTVAf13c&google_cver=1

0
133 B

26ms
16ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDOhkc6Fy1lwvhtcTVAf13c&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
x-guploader-uploadid: ABPtcProqBSzN6fGKXXbJWF-n7BW7clpgzr7AzWLJAL7NosJuQ8Lu4Kj5ycR28nA0gn1CRnSq1ddiXgfz49ei-YP1Wtml58AsvlE
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:03:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDOhkc6Fy1lwvhtcTVAf13c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame E711 419 B
460 B 26ms
8ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=5102
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dd732e3866c87a193ab4a2265406726d23d8c8db5b7cd739c1ce0fd8d40c7f9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame E711 30 KB
30 KB 19ms
2ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: TXn5KthkiZ6VIi8s5JIOxr9NlgAW5KKLNSPSPZGXxgC2cJwsQPdriw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9AC7 202 KB
54 KB 12ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Nov 2023 16:03:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: iD4Am9gzrsFWiIgsd9qa4UQ63F6m+d9KqQYqXXDFuq7HVpgqtOj5lk2Fjbil812rId36//1p09Rv227I3dvSDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3487 202 KB
53 KB 13ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Nov 2023 16:03:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: iD4Am9gzrsFWiIgsd9qa4UQ63F6m+d9KqQYqXXDFuq7HVpgqtOj5lk2Fjbil812rId36//1p09Rv227I3dvSDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 88ms
35ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XCDZWDFBWS&_ono=1&gtm=45je3b81v9135357615&_p=1700668993475&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=2006913761.1700668993&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fheroes.fws.tw%2F&dt=%E6%96%B0%E7%91%AA%E5%A5%87%E8%8B%B1%E9%9B%84%E5%82%B3%20%3A%3A%20%E5%A5%87%E5%B9%BBHEROES&sid=1700668993&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=710
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCDZWDFBWS&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 40ms
39ms Ping
text/plain 2404:6800:4008:c13::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-XCDZWDFBWS&cid=2006913761.1700668993&gtm=45je3b81v9135357615&aip=1&dma=0&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCDZWDFBWS&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 43ms
42ms Image
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-XCDZWDFBWS&cid=2006913761.1700668993&gtm=45je3b81v9135357615&aip=1&dma=0&gcd=11l1l1l1l2&z=188264078

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 6223 4 KB
1 KB 65ms
64ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=4765&rf=https%3A%2F%2Fheroes.fws.tw%2F&n=920&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD&fp_uuid=5114-72e17b22edf9d55c7dcda5e8dbc84e75&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ffa9e569f1ce2b0c559aaf53e0546414dc53647d081f2ef175415be4b72ed83c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 6223 3 KB
3 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Wed, 22 Nov 2023 16:02:16 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 57
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: zJlJTumo12s69s4Ue4p8OlmPzb7tGH4OhzlHf7x4RtdjFaO7AUoi-Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 6223 129 KB
42 KB 15ms
4ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-20336"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 16:03:13 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 6223 3 KB
4 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Wed, 22 Nov 2023 16:02:33 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 41
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: Zaj6tsQPYu2Dkrv4M6l32X5zfPg9L6XEgQ6VnAu9m6dcP-QY_bwWKQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 6223 3 KB
4 KB 5ms
4ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Wed, 22 Nov 2023 16:02:37 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 37
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: vf5tOW8m4voG709VwKuS0r1ZUq0cPTzgx8qoP9voMOK_kbpWG7TkZQ==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 1BD8 4 KB
1 KB 48ms
46ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=4698&rf=https%3A%2F%2Fheroes.fws.tw%2F&n=167&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD&fp_uuid=5114-72e17b22edf9d55c7dcda5e8dbc84e75&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aac41e6a221ea9e344d9e68511d323e59608a9ab8e99181a1d2455879ca451ff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 3 KB
3 KB 6ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Wed, 22 Nov 2023 16:03:08 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 57
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: TaJmpnmPPrvVWrHzxOzfVui8BKzHeyOo4pVp6RXwbV-GfvQQhP__Pw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 1BD8 129 KB
42 KB 20ms
10ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-20336"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 16:03:13 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 3 KB
4 KB 6ms
4ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Wed, 22 Nov 2023 16:03:10 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 41
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: LJtg51sB9nF1TzFn5a5kGMeGgc-7r5on9_4U44RUS45F4gBwlkFPAQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 3 KB
4 KB 6ms
4ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Wed, 22 Nov 2023 16:03:10 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 37
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: Gw2dsaKBhrGjwKM8EYsjbK0CFgSdKV5UFYEhWkEylsW5xieDUHkkWw==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 5 KB
6 KB 8ms
6ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7989f5d98545e2b0beeb4c4c9a72a3cff6882f590f97ac6399ef11e7eae563fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KUJbvSoWGi_lKMbmRNSgGMjXcZaSZ8MP
date: Wed, 22 Nov 2023 16:02:52 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 01:51:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 22
x-amz-server-side-encryption: AES256
etag: "1dec7abb1c124e45d0dc414b8e714f56"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5433
x-amz-cf-id: _l-or_OA27VwYdT8Iv75tL3Ve4rTRHl-qoO3MGjCYonGd1yavY6Tig==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 5 KB
6 KB 22ms
20ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: 4mGrJ4Gr8-huThFBHC02g2utuPzoekJvtIaMXMP9dF-dN8mqliG-pA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame CCC8 4 KB
1 KB 52ms
50ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=4698&rf=https%3A%2F%2Fheroes.fws.tw%2F&n=853&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD&fp_uuid=5114-72e17b22edf9d55c7dcda5e8dbc84e75&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 341deb9c0ac2957647f03fe29afead3e8fce4986b7eacc24bbcf1930343d7194

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame CCC8 3 KB
3 KB 9ms
6ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Wed, 22 Nov 2023 16:03:08 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 57
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: Mz7irFerou7u8WQ-gElc6Uq_JP0upeoKKLEa9bgXxJ_Ipcxap0g24g==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame CCC8 129 KB
42 KB 16ms
8ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-20336"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 16:03:13 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame CCC8 3 KB
4 KB 9ms
6ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Wed, 22 Nov 2023 16:03:10 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 41
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: _7ToMxb1owZ7YwQBqbGa6OvSQLdsdaS2fGGyYMtSCUfUd3IQK22cqA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame CCC8 3 KB
4 KB 9ms
7ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Wed, 22 Nov 2023 16:03:10 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 37
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: xaGDXLsaemnz1tKsEjU-ooJrkTr8uJvcKbIf1wcWd3xRyIIykDNyqg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame CCC8 5 KB
6 KB 9ms
7ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7989f5d98545e2b0beeb4c4c9a72a3cff6882f590f97ac6399ef11e7eae563fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KUJbvSoWGi_lKMbmRNSgGMjXcZaSZ8MP
date: Wed, 22 Nov 2023 16:03:08 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 01:51:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 22
x-amz-server-side-encryption: AES256
etag: "1dec7abb1c124e45d0dc414b8e714f56"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5433
x-amz-cf-id: R5gU5Ym23eoLQEA0s5oSOgtM2LKHHOvs1QhuU6OLNgbXru53_BYm0Q==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame CCC8 5 KB
6 KB 9ms
7ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Wed, 22 Nov 2023 16:02:47 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: 1BfLF4jNoWsk-3e6Aw4ttZetKb9pvYR5huJ2iBVV1mfSZVlsPRl9mg==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 6223 0
175 B 246ms
81ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 6223 0
173 B 206ms
66ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5032399274389747
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://heroes.fws.tw
Date: Wed, 22 Nov 2023 16:03:13 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1BD8 0
175 B 246ms
81ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 1BD8 0
173 B 203ms
66ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5362972643351531
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://heroes.fws.tw
Date: Wed, 22 Nov 2023 16:03:13 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1BD8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=wu8Zsc7CDc-SRKBNQSZeZQ

2 B
131 B

48ms
48ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=wu8Zsc7CDc-SRKBNQSZeZQ
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 22 Nov 2023 16:03:13 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=wu8Zsc7CDc-SRKBNQSZeZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame CCC8 0
176 B 244ms
80ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame CCC8 0
173 B 145ms
48ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.20717967189984665
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://heroes.fws.tw
Date: Wed, 22 Nov 2023 16:03:13 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame CCC8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=UrATqC8rBcuqCjKIQSZeZQ

2 B
131 B

46ms
46ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=UrATqC8rBcuqCjKIQSZeZQ
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 22 Nov 2023 16:03:13 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=UrATqC8rBcuqCjKIQSZeZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame CCC8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=BzLI0fZBDumFAIgsQSZeZQ

2 B
131 B

115ms
114ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=BzLI0fZBDumFAIgsQSZeZQ
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 22 Nov 2023 16:03:13 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=BzLI0fZBDumFAIgsQSZeZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame CCC8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=APSp7z2xBoaaS8yAQSZeZQ

2 B
159 B

42ms
40ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=APSp7z2xBoaaS8yAQSZeZQ
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 22 Nov 2023 16:03:13 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=APSp7z2xBoaaS8yAQSZeZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6223 0
191 B 18ms
7ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=50170710351

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1BD8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=_5S5T1WvDmiBkz_mQSZeZQ

2 B
131 B

42ms
42ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=_5S5T1WvDmiBkz_mQSZeZQ
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 22 Nov 2023 16:03:13 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=_5S5T1WvDmiBkz_mQSZeZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CCC8 0
191 B 14ms
7ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=59486130355

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1BD8 0
192 B 11ms
7ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=27088333623

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 1BD8 13 KB
13 KB 45ms
45ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=4698&rf=https%3A%2F%2Fheroes.fws.tw%2F&n=167&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD&fp_uuid=5114-72e17b22edf9d55c7dcda5e8dbc84e75&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: W89lVCw0JKXv5GQzEUIcp9PcuxZKFL8t_K17sbWihe5mcmAtd__ksw==

POST
H2 204 events
bidder.criteo.com/csm/ Frame 6223 0
191 B 7ms
5ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 6223 43 B
365 B 6ms
3ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 16 Nov 2024 16:03:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 6223 43 B
365 B 6ms
4ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 16 Nov 2024 16:03:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame CCC8 43 B
365 B 8ms
5ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 16 Nov 2024 16:03:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame CCC8 43 B
365 B 5ms
3ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 16 Nov 2024 16:03:13 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame CCC8 0
191 B 7ms
5ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 1BD8 43 B
365 B 6ms
4ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 16 Nov 2024 16:03:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 1BD8 43 B
365 B 5ms
4ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 16 Nov 2024 16:03:13 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 1BD8 0
191 B 6ms
5ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://heroes.fws.tw/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://heroes.fws.tw
date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame CCC8 13 KB
13 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=4698&rf=https%3A%2F%2Fheroes.fws.tw%2F&n=853&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD&fp_uuid=5114-72e17b22edf9d55c7dcda5e8dbc84e75&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Wed, 22 Nov 2023 16:03:08 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: JP2XdigV61deVVDEYIP45C0aAZPfkUQyX_xojBv3Nc7IicZ4v6rd5g==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 6223 13 KB
13 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=4765&rf=https%3A%2F%2Fheroes.fws.tw%2F&n=920&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD&fp_uuid=5114-72e17b22edf9d55c7dcda5e8dbc84e75&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Wed, 22 Nov 2023 16:03:08 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 60
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: _tedGiU_UgsVgtBVzzRMw7qC4ziRhl3dImQUlyG6eCQJtsx_DmhxvQ==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 9AC7 37 B
409 B 60ms
60ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dfe6a88604de3ecba9aba015bfc3036ac147e340a5d3ac73cf4dfcd8e61c439d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5A5 110 KB
42 KB 373ms
371ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=200&slotname=6046854383&adk=2923980901&adf=2555147040&pi=t.ma~as.6046854383&w=200&lmt=1700668993&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993382&bpp=116&bdt=107&idt=514&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6487858868370&frm=20&pv=2&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055%2C31079698&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=542

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea074e5a6cb81ee5f70e3ca8c92f8af0b6830c02cab29025e371a3abfd5c7058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42678
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A237 471 KB
98 KB 567ms
566ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&adk=1812271804&adf=1573534164&lmt=1700668993&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993509&bpp=2&bdt=234&idt=428&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6046854383&nras=1&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=449

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7bf519365997da0c0c3a3078e8aed3f451baa33effad4ceb4659973b3aa6fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 100663
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 6223 5 KB
3 KB 62ms
62ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 22 Nov 2023 16:13:14 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1BD8 5 KB
3 KB 62ms
61ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 22 Nov 2023 16:13:14 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame CCC8 5 KB
3 KB 61ms
61ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 22 Nov 2023 16:13:14 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6223 36 B
404 B 42ms
42ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

6e094786104884fec24d77c10ac7ca637afe10bed3b623ae85a60f0074a791b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1BD8 36 B
404 B 43ms
43ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

6e094786104884fec24d77c10ac7ca637afe10bed3b623ae85a60f0074a791b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame CCC8 36 B
404 B 44ms
44ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

6e094786104884fec24d77c10ac7ca637afe10bed3b623ae85a60f0074a791b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 6223 30 B
274 B 36ms
35ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=997a671b-6fcf-415b-80fc-820075640b30

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://heroes.fws.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 9AC7 0
194 B 49ms
48ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=997a671b-6fcf-415b-80fc-820075640b30

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
997a671b-6fcf-415b-80fc-820075640b30.t.ssp.hinet.net/ Frame 9AC7 0
79 B 135ms
48ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://997a671b-6fcf-415b-80fc-820075640b30.t.ssp.hinet.net/pixel?bd=997a671b-6fcf-415b-80fc-820075640b30&t=cf&referrer=https%3A%2F%2Fheroes.fws.tw

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 1081868462900755258
tpc.googlesyndication.com/simgad/ Frame C5A5 48 KB
48 KB 67ms
9ms Image
image/jpeg 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1081868462900755258?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnt1rIN3_iB73_VlEksUUWZVo32Jw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=200&slotname=6046854383&adk=2923980901&adf=2555147040&pi=t.ma~as.6046854383&w=200&lmt=1700668993&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993382&bpp=116&bdt=107&idt=514&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6487858868370&frm=20&pv=2&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055%2C31079698&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=542

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b767ae004425577a3fec5997133eaceedd523fb950bb7c53d5ec4bd831d942af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:45:17 GMT
x-content-type-options: nosniff
age: 591477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:41:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 19:45:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C5A5 23 KB
9 KB 61ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E7B5 143 B
166 B 9ms
3ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=200&slotname=6046854383&adk=2923980901&adf=2555147040&pi=t.ma~as.6046854383&w=200&lmt=1700668993&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993382&bpp=116&bdt=107&idt=514&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6487858868370&frm=20&pv=2&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055%2C31079698&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=542
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 15:56:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C5A5 3 KB
1 KB 62ms
5ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A77D 1 KB
643 B 7ms
5ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:24:31 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 12:24:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C5A5 20 KB
9 KB 58ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C5A5 0
0 42ms
40ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1wkYAvEXqAHgRnkv_AysF_vyMJWozUuZSJ8UBRpBjICs9XhpV4ZbjHvnkMPSyksmoq4Lx32jMDnMtNRllbTsskiRhEQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=200&slotname=6046854383&adk=2923980901&adf=2555147040&pi=t.ma~as.6046854383&w=200&lmt=1700668993&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993382&bpp=116&bdt=107&idt=514&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6487858868370&frm=20&pv=2&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055%2C31079698&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5A5 202 KB
64 KB 79ms
72ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C5A5 36 KB
15 KB 56ms
5ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E7B5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
59ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
expires: Wed, 22 Nov 2023 16:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame A77D 35 B
463 B 214ms
70ms Image
image/gif 2620:116:800e:21:c338:3a39:7c0b:1a51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK4vJlDSyDPvB2gW0mh5mLQ&google_cver=1&google_push=AXcoOmQZkDPO2p4IoCZMajbFowC9K75VVLi74atkW2gjWnRtBRZEHhgCXYHFeSTflyH2k49nEfE6Gu2ZCVuSo0WnirJhNVcw9gcHC-sZ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:c338:3a39:7c0b:1a51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A77D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-c...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2...

43 B
422 B

127ms
119ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=200&slotname=6046854383&adk=2923980901&adf=2555147040&pi=t.ma~as.6046854383&w=200&lmt=1700668993&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668993382&bpp=116&bdt=107&idt=514&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6487858868370&frm=20&pv=2&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055%2C31079698&oid=2&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=542
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82a266bfca0525f8-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 295
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSPNIswRPFdmEESMuv8tZb-w2uFi8nHZ3GYBa7OgrbXEaxV8n9is224YNGS9Z99KsddXalLKq4I8497mEVxmSAz1R8Tcc2-cLnC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82a266bef94925f8-NRT
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A77D
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFNM4gy7N8MyYeR-1DK2lgU&google_cver=1&google_push=AXcoOmSd36OWlDBDdUVhyOfPjEfQ-7ogE1fJ9GDSMIWIhhxiANsmswuSx4oS8XbYViWn0vAciyF-9SpGSgwbaYpvzn...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEFNM4gy7N8MyYeR-1DK2lgU&google_cver=1&google_push=AXcoOmSd36OWlDBDdUVhyOfPjEfQ-7ogE1fJ9GDSMIWIhhxiANsmswuSx4oS8XbYViWn0vAciyF-9SpGSgwbaYpvzn...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTIxMjgxMTktYzlmMy00ODVhLTllNmItMjA3YmIwOGRmN2Ey&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e2128119-c9f3-485a-9e6b-207bb08df7a2

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTIxMjgxMTktYzlmMy00ODVhLTllNmItMjA3YmIwOGRmN2Ey&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e2128119-c9f3-485a-9e6b-207bb08df7a2

Requested by

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTIxMjgxMTktYzlmMy00ODVhLTllNmItMjA3YmIwOGRmN2Ey&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e2128119-c9f3-485a-9e6b-207bb08df7a2
date: Wed, 22 Nov 2023 16:03:14 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A77D
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEMWqh_y_8MpfKMVR1rCR3tU&google_cver=1&google_push=AXcoOmSbhSBth3etjKkmexPjaJsszHeGuAElvE2cl8Suu_YVFjo_dk_50lJUUcVN7a7RG0nYkGBS_kj5c8nYlpgbwAeCMYjy...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSbhSBth3etjKkmexPjaJsszHeGuAElvE2cl8Suu_YVFjo_dk_50lJUUcVN7a7RG0nYkGBS_kj5c8nYlpgbwAeCMYjyKdUdA1AL

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSbhSBth3etjKkmexPjaJsszHeGuAElvE2cl8Suu_YVFjo_dk_50lJUUcVN7a7RG0nYkGBS_kj5c8nYlpgbwAeCMYjyKdUdA1AL

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSbhSBth3etjKkmexPjaJsszHeGuAElvE2cl8Suu_YVFjo_dk_50lJUUcVN7a7RG0nYkGBS_kj5c8nYlpgbwAeCMYjyKdUdA1AL
Date: Wed, 22 Nov 2023 16:03:14 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A77D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFUnpFVYhSYw4Eor6g5YI5M&google_cver=1&google_push=AXcoOmRqt9Qqp1IsQnzVN7gI3eAL-zcCDfXg_pm0PwWAKwt0oFbMyyPZL4Nf7JuroyRDdkemWJBwnKd59SybogmxS-Dvv8v...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqt9Qqp1IsQnzVN7gI3eAL-zcCDfXg_pm0PwWAKwt0oFbMyyPZL4Nf7JuroyRDdkemWJBwnKd59SybogmxS-Dvv8vivnNCv-M&google_hm=eS14blFMUmRGRTJwRzd...

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqt9Qqp1IsQnzVN7gI3eAL-zcCDfXg_pm0PwWAKwt0oFbMyyPZL4Nf7JuroyRDdkemWJBwnKd59SybogmxS-Dvv8vivnNCv-M&google_hm=eS14blFMUmRGRTJwRzdJUS5LQTBYcTFmaUJkckU1c0xOOH5B

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqt9Qqp1IsQnzVN7gI3eAL-zcCDfXg_pm0PwWAKwt0oFbMyyPZL4Nf7JuroyRDdkemWJBwnKd59SybogmxS-Dvv8vivnNCv-M&google_hm=eS14blFMUmRGRTJwRzdJUS5LQTBYcTFmaUJkckU1c0xOOH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A77D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFSm7fEssqN7vRRimocVo8c&google_cver=1&google_push=AXcoOmRbpsYxUXUhaJA33yZOGJns6RGl0b6Ns5iRdPxOHj2RsHzoO_lSEnqLOKzpi9Qjqe2OSMEFmO3_gZ2L...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRbpsYxUXUhaJA33yZOGJns6RGl0b6Ns5iRdPxOHj2RsHzoO_lSEnqLOKzpi9Qjqe2OSMEFmO3_gZ2LjkRTdxwsMv_VqOy0PjpI

170 B
188 B

38ms
38ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRbpsYxUXUhaJA33yZOGJns6RGl0b6Ns5iRdPxOHj2RsHzoO_lSEnqLOKzpi9Qjqe2OSMEFmO3_gZ2LjkRTdxwsMv_VqOy0PjpI

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRbpsYxUXUhaJA33yZOGJns6RGl0b6Ns5iRdPxOHj2RsHzoO_lSEnqLOKzpi9Qjqe2OSMEFmO3_gZ2LjkRTdxwsMv_VqOy0PjpI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame A77D 35 B
622 B 78ms
28ms Image
image/gif 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEAtkAMrDpy8hHCk1dglEKHE&google_cver=1&google_push=AXcoOmSVxOtMyg5tREeDX8BpO-DpYsOnhsCZsUAGyxPJodizEofuEckx60NBuEVRQiY5eABL23cXUehQmIqkBc_SRQSwQGRc0_gY1dG1ZQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A77D 0
12 B 40ms
40ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKfjfXMrF-1VMRivSCJN6ISzt3IilZVPGyLC-fS6ztnVnKptTcKQxiA8saIcmoGpCoJndltA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame 6223 17 KB
18 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146111050a7d56d8bbcede33392087163f2a94327ee8c9cf6197f23c911b6654

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KthLU5ippZpZtEXDrUV9j5pvkd8M8UFF
date: Wed, 22 Nov 2023 16:03:12 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 05:57:22 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 3
x-amz-server-side-encryption: AES256
etag: "5c752be0e0c4a848aa2f990d91308e36"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17613
x-amz-cf-id: cUfB5K5GUVOy7IX8vtqA1gcjDMij6hcSnAJADk5P77_yCZh6jdusxA==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 6223 2 KB
3 KB 5ms
4ms Image
image/png 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JXDsYp0MpCsC07xlgs6M6Edv23lP_HUM
date: Tue, 21 Nov 2023 18:56:49 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 03:09:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 75986
x-amz-server-side-encryption: AES256
etag: "7cb0cc414e01c6f48a9eefee02d81959"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2399
x-amz-cf-id: GoT_ZWk7yc-2tb0yH6sSoA3q1lBQAh42AFMw4a328ybVsqkIL7MskA==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 6223 2 KB
2 KB 10ms
7ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Wed, 22 Nov 2023 16:02:39 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 36
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: YGL6aDM7-p3R2TItIzk1qt9msiZ4-8ifXafpDtElprl1KAf0vyrhMg==

GET
H2 200 33e5125dcbddcf22fce035d46b95bc2b.jpg
cdn.holmesmind.com/image/14756/ Frame 6223 69 KB
69 KB 10ms
7ms Image
image/jpeg 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/14756/33e5125dcbddcf22fce035d46b95bc2b.jpg
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63e1a42630dc14896fc869423e9c3c12bba1d2fbb53d90ec72a0fbef9325bb85

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: SBa7Ednmx8zlWh6Sl58pxsByxfcntrLt
date: Wed, 22 Nov 2023 12:19:31 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2023 06:29:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 13424
x-amz-server-side-encryption: AES256
etag: "cd741bceea2a00b1ca88d292d7b8c1d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 70343
x-amz-cf-id: 7avnd6uQxlo-GIkYlE_c1o44AKjXlcerSE7Ln2XnY2SMpQ8JR8wE2Q==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 6223 0
77 B 10ms
8ms Image
image/png 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1700668993&p=4765:98122:189016:58de9739aea0dacdbc2e3e9d9785e64a:14756
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/png
date: Wed, 22 Nov 2023 16:03:14 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame 1BD8 17 KB
18 KB 5ms
4ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146111050a7d56d8bbcede33392087163f2a94327ee8c9cf6197f23c911b6654

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KthLU5ippZpZtEXDrUV9j5pvkd8M8UFF
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 05:57:22 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 3
x-amz-server-side-encryption: AES256
etag: "5c752be0e0c4a848aa2f990d91308e36"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17613
x-amz-cf-id: SCzmy7Mq1RPXzl2HFEAWtH_15MUKGFgSZg9XszL9QIe5MCYbJHJlMQ==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 1BD8 2 KB
3 KB 3ms
3ms Image
image/png 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JXDsYp0MpCsC07xlgs6M6Edv23lP_HUM
date: Tue, 21 Nov 2023 20:19:11 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 03:09:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 75986
x-amz-server-side-encryption: AES256
etag: "7cb0cc414e01c6f48a9eefee02d81959"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2399
x-amz-cf-id: cGFrYxPIN1KHjsX-qdI9WVFv5c72oHNvS1bBg7JZCSFFyEJYvswoow==

GET
DATA 200
OK truncated
/ Frame C5A5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 955d84837b393f9249df8859a23dae5cf21a9dca5d62d6d3957a132e9e9b747a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 1BD8 2 KB
2 KB 4ms
4ms Script
application/javascript 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Wed, 22 Nov 2023 16:03:14 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 36
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: 8bSki8XM1TZX_VmBIoHT0Hpqgt2X8L5dEXhiPBNlM3U04OQjy-vgFw==

GET
H2 200 b54a168baa850253c6d5a29f93d0c781.jpg
cdn.holmesmind.com/image/14756/ Frame 1BD8 53 KB
54 KB 3ms
3ms Image
image/jpeg 2600:9000:20e4:1000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/14756/b54a168baa850253c6d5a29f93d0c781.jpg
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a72e2307d137e88a1a0b8f29db38107be5c4e420c156667a9e4a884d9ea86e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: rcmp9tbpFWJqwx50kX4W6ODwQWl8x02T
date: Tue, 21 Nov 2023 19:45:55 GMT
via: 1.1 d63cb62d5c82f2155d89e86d6c78040e.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2023 06:29:06 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 73040
x-amz-server-side-encryption: AES256
etag: "c7a7c652eda3864d25fafde3fa990916"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 54413
x-amz-cf-id: EiKllfbDtq3vGPVYZJbDyBULmFBgfwISN5L2VJdnFf2ZSFsDcK5VFw==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 1BD8 0
77 B 10ms
9ms Image
image/png 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1700668993&p=4698:98122:189023:1fd77bfbc112203215c3219089d3a2de:14756
Requested by: Host: heroes.fws.tw
URL: https://heroes.fws.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/png
date: Wed, 22 Nov 2023 16:03:14 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C5A5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CL1a-QSZeZdbDOq2Dpt8PtJiyyA_P_dyrdMf917qREsbY9IqMDhABIJ_j1wZgifPFhPQToAGJ-LzWAsgBAqkCGlLbW-zfPD6oAwHIA8kEqgTNAU_Q-saZz5VtM9vfr4LJItBDybS-ssRd57O...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x22eb793064ad75800000000000000000%22,%222%22:%220x71b4db03656994e20000000000000000%22,%223%22:%220x87a767...

0
0

43ms
42ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x22eb793064ad75800000000000000000%22,%222%22:%220x71b4db03656994e20000000000000000%22,%223%22:%220x87a7674d651236480000000000000000%22,%224%22:%220x873d167b3f87015f0000000000000000%22,%225%22:%220xc3a43a3d08090f810000000000000000%22},%22debug_key%22:%2211247466061083584530%22,%22debug_reporting%22:true,%22destination%22:%22https://kao.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22718224393%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214835330327726845313%22}&andc=true

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x22eb793064ad75800000000000000000","2":"0x71b4db03656994e20000000000000000","3":"0x87a7674d651236480000000000000000","4":"0x873d167b3f87015f0000000000000000","5":"0xc3a43a3d08090f810000000000000000"},"debug_key":"11247466061083584530","debug_reporting":true,"destination":"https://kao.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["718224393"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"14835330327726845313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 16:03:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 16:03:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x22eb793064ad75800000000000000000","2":"0x71b4db03656994e20000000000000000","3":"0x87a7674d651236480000000000000000","4":"0x873d167b3f87015f0000000000000000","5":"0xc3a43a3d08090f810000000000000000"},"debug_key":"11247466061083584530","debug_reporting":true,"destination":"https://kao.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["718224393"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"14835330327726845313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2410 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 463706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 07:14:48 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 93ms
43ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 6223 0
152 B 8ms
7ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=4765:98122:189016:58de9739aea0dacdbc2e3e9d9785e64a:14756&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 70ms
70ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2270d7c79d16d36d9c3abdb39d42508ed936c54198b294617918890f23de7a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55854
x-xss-protection: 0
server: cafe
etag: 9667418838466001037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 19E0 436 B
233 B 261ms
261ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700668994&rafmt=1&to=qs&pwprc=7679182516&format=1200x280&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668994667&bpp=1&bdt=1392&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dddbdf72f74819881%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA&gpic=UID%3D00000c94403e5c22%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ&prev_fmts=0x0&prev_slotnames=6046854383&nras=2&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&psts=AOrYGsl9-XcwGSf2Rr-EwuOwTRaAU-GfSgBZlquGulwRQZCAUqymww_Ata17WLaOkivUC5NqChFkfxjd8vT41ZFWQZ_QYJUR&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1817f82603586a72784f7b24171e2edaeaaa3f9ddf17fe62353f8ccf43d9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55DA 436 B
233 B 318ms
318ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=280&adk=4116931236&adf=3418144085&pi=t.aa~a.754343309~rp.1&w=975&fwrn=4&fwrnh=100&lmt=1700668994&rafmt=1&to=qs&pwprc=7679182516&format=975x280&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668994667&bpp=1&bdt=1391&idt=-M&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dddbdf72f74819881%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA&gpic=UID%3D00000c94403e5c22%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ&prev_fmts=0x0%2C1200x280&prev_slotnames=6046854383&nras=3&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&psts=AOrYGsl9-XcwGSf2Rr-EwuOwTRaAU-GfSgBZlquGulwRQZCAUqymww_Ata17WLaOkivUC5NqChFkfxjd8vT41ZFWQZ_QYJUR&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d6978501fbd0745c4ffdccdc161222e65507de54c0bba302f9237b4dbb6826c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B29 436 B
233 B 254ms
253ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3786120897915304&output=html&h=90&adk=2480414160&adf=3296512626&pi=t.aa~a.678885450~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1700668994&rafmt=1&to=qs&pwprc=7679182516&format=974x90&url=https%3A%2F%2Fheroes.fws.tw%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700668994667&bpp=1&bdt=1391&idt=0&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dddbdf72f74819881%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA&gpic=UID%3D00000c94403e5c22%3AT%3D1700668993%3ART%3D1700668993%3AS%3DALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ&prev_fmts=0x0%2C1200x280%2C975x280&prev_slotnames=6046854383&nras=4&correlator=6487858868370&frm=20&pv=1&ga_vid=2006913761.1700668993&ga_sid=1700668994&ga_hid=1624658640&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=2266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C31079757%2C44807764%2C44808149%2C44808284%2C44809055&oid=2&psts=AOrYGsl9-XcwGSf2Rr-EwuOwTRaAU-GfSgBZlquGulwRQZCAUqymww_Ata17WLaOkivUC5NqChFkfxjd8vT41ZFWQZ_QYJUR&pvsid=966112613964548&tmod=463968993&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12d616b8148fa06ccc235d858fd5ff1ff08208ce68945e2dfd19ed7d4a3ef2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame CD7A 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:23:45 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 12:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 6B1C 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:23:45 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 12:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 47BF 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heroes.fws.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:23:45 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 12:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame CD7A 4 KB
1 KB 82ms
38ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 14:48:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CD7A 205 B
651 B 70ms
11ms Image
image/png 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:02:39 GMT
x-content-type-options: nosniff
age: 594035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 19:02:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CD7A 604 B
697 B 70ms
12ms Image
image/png 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:54:32 GMT
x-content-type-options: nosniff
age: 594522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 18:54:32 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame CD7A 15 KB
7 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame CD7A 21 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6B1C 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AAC3 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 15:56:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6B1C 3 KB
1 KB 4ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C52C 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:24:31 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 12:24:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6B1C 20 KB
8 KB 5ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:39 GMT

GET
H2 200 17804420008800526992
tpc.googlesyndication.com/simgad/ Frame 6B1C 55 KB
55 KB 5ms
3ms Image
image/png 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17804420008800526992?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkSWxMn9J2JRWoevKsdDJmvit4RWw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42335a34f5ed079d8cc53b639bc984049ccbfb48f221bfa0492079c07252581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:00:03 GMT
x-content-type-options: nosniff
age: 50591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56472
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 00:25:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 02:00:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B1C 0
0 36ms
35ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBkmVpi2Zk4c95yrDk5JQWHnEPmK9W5CFZOe94slAC3qYLfdeLlTNw_sT-q9bKSVub-m1aC9_7vQ3Gy0Mrm7wvfPrx6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B1C 202 KB
64 KB 104ms
103ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6B1C 36 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 47BF 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 684E 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 15:56:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 47BF 3 KB
1 KB 4ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE51 1 KB
643 B 5ms
4ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:24:31 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 12:24:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 47BF 20 KB
8 KB 3ms
1ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:39 GMT

GET
H2 200 9891571045856914762
tpc.googlesyndication.com/simgad/ Frame 47BF 31 KB
31 KB 5ms
3ms Image
image/png 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9891571045856914762?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk8ApU--JrQ2FnFuxRV0gISnu8Q3Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

061aa19e24e0915ecf06a18227bb0185698e1d295f3b7fd5064688f651dc282c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:01:18 GMT
x-content-type-options: nosniff
age: 90116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31251
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 09:26:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Nov 2024 15:01:18 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47BF 202 KB
64 KB 159ms
158ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 47BF 36 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOFpq2Z6eAeLVsXCG3paIIA&google_cver=1&google_push=AXcoOmQmDW3HLDXLb3U4VmCaDfEtb06QiazRM3tiDwa4ZMf5n3aVKeDDxlh6PIkoxF6Wardwr3hc21bj6mfa3VOix2aWdmu_Kp-tkAU6
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADDD7F774048480FB8DC14FDE795B1C6&google_push=AXcoOmQmDW3HLDXLb3U4VmCaDfEtb06QiazRM3tiDwa4ZMf5n3aVKeDDxlh6PIkoxF6Wardwr3hc21bj6mfa3VO...

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADDD7F774048480FB8DC14FDE795B1C6&google_push=AXcoOmQmDW3HLDXLb3U4VmCaDfEtb06QiazRM3tiDwa4ZMf5n3aVKeDDxlh6PIkoxF6Wardwr3hc21bj6mfa3VOix2aWdmu_Kp-tkAU6

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADDD7F774048480FB8DC14FDE795B1C6&google_push=AXcoOmQmDW3HLDXLb3U4VmCaDfEtb06QiazRM3tiDwa4ZMf5n3aVKeDDxlh6PIkoxF6Wardwr3hc21bj6mfa3VOix2aWdmu_Kp-tkAU6
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 21 Nov 2023 16:03:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBSHX8E_fqzp99Qi8qnKFYE&google_cver=1&google_push=AXcoOmQS_fLia22kUlvVMKEd4VDg9YzdgJnV7B2IIy0_KeR3n-8WDYHYmv_dhbYbsaAgvIJu2BTeq...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQS_fLia22kUlvVMKEd4VDg9YzdgJnV7B2IIy0_KeR3n-8WDYHYmv_dhbYbsaAgvIJu2BTeqiMi0SPGRXH2jWfUhQD_k-7HHYCg

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQS_fLia22kUlvVMKEd4VDg9YzdgJnV7B2IIy0_KeR3n-8WDYHYmv_dhbYbsaAgvIJu2BTeqiMi0SPGRXH2jWfUhQD_k-7HHYCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:14 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F8C165FB34004C85847D1AB26BF5A24B Ref B: TYO01EDGE0712 Ref C: 2023-11-22T16:03:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQS_fLia22kUlvVMKEd4VDg9YzdgJnV7B2IIy0_KeR3n-8WDYHYmv_dhbYbsaAgvIJu2BTeqiMi0SPGRXH2jWfUhQD_k-7HHYCg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKv9tSK3R7pxQM4VobAg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEBM_3xiFAMw7wbG_qIowO9g&google_cver=1&google_push=AXcoOmQUI9IXclSd8-Af8NJpmgEHSi9WHVAlVT_qleo6XLZzw6xI2VXbGq2_DF809A5qnMCy1y4lvIAxpy2waQTcQ5HUw0Ci_SXdTWev
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NEEwMTAxNTE1NzQxREMwRg==

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NEEwMTAxNTE1NzQxREMwRg==

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NEEwMTAxNTE1NzQxREMwRg==
date: Wed, 22 Nov 2023 16:03:15 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESELB3cwFV0RrDNyG10UgGgPI&c_param1=AXcoOmSdsPBbulZWKY8Ozo-vGFv89UV8cDRDqPSSP4EluGNpSuJlsv7BlJflSsDZES-08TZ2s89Cn_NzG6dkw1nAaaJRL5x3Cns1JYZU&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSdsPBbulZWKY8Ozo-vGFv89UV8cDRDqPSSP4EluGNpSuJlsv7BlJflSsDZES-08TZ2s89Cn_NzG6dkw1nAaaJRL5x3Cns1JYZU

170 B
188 B

39ms
38ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSdsPBbulZWKY8Ozo-vGFv89UV8cDRDqPSSP4EluGNpSuJlsv7BlJflSsDZES-08TZ2s89Cn_NzG6dkw1nAaaJRL5x3Cns1JYZU

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSdsPBbulZWKY8Ozo-vGFv89UV8cDRDqPSSP4EluGNpSuJlsv7BlJflSsDZES-08TZ2s89Cn_NzG6dkw1nAaaJRL5x3Cns1JYZU
date: Wed, 22 Nov 2023 16:03:15 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHCWHmSWJ5peK0TphFYPC5M&google_cver=1&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHCWHmSWJ5peK0TphFYPC5M&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r_b-LP_HxPHevAeewI2b&google_hm=cjgtYWxhQ3FGYTNV...

170 B
188 B

45ms
44ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r_b-LP_HxPHevAeewI2b&google_hm=cjgtYWxhQ3FGYTNVN3Z0blhoanM=

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 16:03:15 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQk6aV9WgKbtzJjFaerw9tjoW_I8eYQO4jG1ZdJt3n1T544NshbJmDIj1oLc7HyizjjBQsJLPJ5QO78r_b-LP_HxPHevAeewI2b&google_hm=cjgtYWxhQ3FGYTNVN3Z0blhoanM=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEEnxLhxo-sIdxiMgyo0od3Y&google_cver=1&google_push=AXcoOmQ7rD22uiddhNOngtaawG_6v6DEAFvoCEl0ScFdMPjNz2-NEKKsg5eiu_A7EbUD9Cgppdz8Iy-rVdYfJAOOn...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQ7rD22uiddhNOngtaawG_6v6DEAFvoCEl0ScFdMPjNz2-NEKKsg5eiu_A7EbUD9Cgppdz8Iy-rVdYfJAOOnL5UPwD4scSdIwHi&google_hm=AdkgUvdtIUvXjhU9...

170 B
188 B

43ms
43ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQ7rD22uiddhNOngtaawG_6v6DEAFvoCEl0ScFdMPjNz2-NEKKsg5eiu_A7EbUD9Cgppdz8Iy-rVdYfJAOOnL5UPwD4scSdIwHi&google_hm=AdkgUvdtIUvXjhU9qksoceE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQ7rD22uiddhNOngtaawG_6v6DEAFvoCEl0ScFdMPjNz2-NEKKsg5eiu_A7EbUD9Cgppdz8Iy-rVdYfJAOOnL5UPwD4scSdIwHi&google_hm=AdkgUvdtIUvXjhU9qksoceE
Date: Wed, 22 Nov 2023 16:03:14 GMT
Server: Apache
Connection: keep-alive
Content-Length: 235
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52C
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQx_qeGDcrI5wGzf5FQuD4Q65_x_tv6Wy8-z8FKMe_uzrRdMvszs5nPNsg-d-n99NPnjYOhWSEDQ_UDDaM-Z1x3e0-IbpA3MHWxow&google_gid=CAESEDQdcVS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDQdcVSjyJIuBF8tIZOeHNQ&google_hm=T1BVZTk4NDBhY2UwZjg0NDllMzg0MzA1ODQ5OGE5OWNlZGU&google_nid=opera_norway_as&google_push=AXcoOmQx_qeG...

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDQdcVSjyJIuBF8tIZOeHNQ&google_hm=T1BVZTk4NDBhY2UwZjg0NDllMzg0MzA1ODQ5OGE5OWNlZGU&google_nid=opera_norway_as&google_push=AXcoOmQx_qeGDcrI5wGzf5FQuD4Q65_x_tv6Wy8-z8FKMe_uzrRdMvszs5nPNsg-d-n99NPnjYOhWSEDQ_UDDaM-Z1x3e0-IbpA3MHWxow

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDQdcVSjyJIuBF8tIZOeHNQ&google_hm=T1BVZTk4NDBhY2UwZjg0NDllMzg0MzA1ODQ5OGE5OWNlZGU&google_nid=opera_norway_as&google_push=AXcoOmQx_qeGDcrI5wGzf5FQuD4Q65_x_tv6Wy8-z8FKMe_uzrRdMvszs5nPNsg-d-n99NPnjYOhWSEDQ_UDDaM-Z1x3e0-IbpA3MHWxow
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 330
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C52C 0
12 B 39ms
38ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdnSSTNJ-koXPk4SkZRsF4sAHyZrnnK3eYvwe-nVJEf-_fyXnEG6tl6waT21GOxprgvg5YwA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AAC3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
60ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
expires: Wed, 22 Nov 2023 16:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOFpq2Z6eAeLVsXCG3paIIA&google_cver=1&google_push=AXcoOmR4Lf2Pp2Q8j8llNmgnkIuzQfJZay9YkGgWgtTmmrxmMA-7I4dM-DOy3DToP-EZ8dB30hY2pe7ZkayXnmgkZI_hARiEibivMb8
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE7CC9008C134407B0CC6E4CA865401B&google_push=AXcoOmR4Lf2Pp2Q8j8llNmgnkIuzQfJZay9YkGgWgtTmmrxmMA-7I4dM-DOy3DToP-EZ8dB30hY2pe7ZkayXnmg...

170 B
188 B

39ms
38ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE7CC9008C134407B0CC6E4CA865401B&google_push=AXcoOmR4Lf2Pp2Q8j8llNmgnkIuzQfJZay9YkGgWgtTmmrxmMA-7I4dM-DOy3DToP-EZ8dB30hY2pe7ZkayXnmgkZI_hARiEibivMb8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE7CC9008C134407B0CC6E4CA865401B&google_push=AXcoOmR4Lf2Pp2Q8j8llNmgnkIuzQfJZay9YkGgWgtTmmrxmMA-7I4dM-DOy3DToP-EZ8dB30hY2pe7ZkayXnmgkZI_hARiEibivMb8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 21 Nov 2023 16:03:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBSHX8E_fqzp99Qi8qnKFYE&google_cver=1&google_push=AXcoOmQslizNAh_gy-w_nXngGRtwfo4ybQ0_lw-TJzN67Nxq8vAGjuiOw4ot6hA_I5j6JpsmfMloX...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQslizNAh_gy-w_nXngGRtwfo4ybQ0_lw-TJzN67Nxq8vAGjuiOw4ot6hA_I5j6JpsmfMloXjdOSJELtNU15_hJOX6ucL-4ww

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQslizNAh_gy-w_nXngGRtwfo4ybQ0_lw-TJzN67Nxq8vAGjuiOw4ot6hA_I5j6JpsmfMloXjdOSJELtNU15_hJOX6ucL-4ww

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:14 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A85F156081454630BB81399758BD52EF Ref B: TYO01EDGE0712 Ref C: 2023-11-22T16:03:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQslizNAh_gy-w_nXngGRtwfo4ybQ0_lw-TJzN67Nxq8vAGjuiOw4ot6hA_I5j6JpsmfMloXjdOSJELtNU15_hJOX6ucL-4ww
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKv9tSKyvjzFTqK5x7UA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEMWqh_y_8MpfKMVR1rCR3tU&google_cver=1&google_push=AXcoOmTp_nXSRhEqxbvluWYSjsH8LHMg33Yb0nyxnGEJzTFIeHX3AFPPNeMx7Hb8KKtXWkm60S7z4Nvz3OWstQTQF9B0ml2q...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTp_nXSRhEqxbvluWYSjsH8LHMg33Yb0nyxnGEJzTFIeHX3AFPPNeMx7Hb8KKtXWkm60S7z4Nvz3OWstQTQF9B0ml2qKKiKbA

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTp_nXSRhEqxbvluWYSjsH8LHMg33Yb0nyxnGEJzTFIeHX3AFPPNeMx7Hb8KKtXWkm60S7z4Nvz3OWstQTQF9B0ml2qKKiKbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmTp_nXSRhEqxbvluWYSjsH8LHMg33Yb0nyxnGEJzTFIeHX3AFPPNeMx7Hb8KKtXWkm60S7z4Nvz3OWstQTQF9B0ml2qKKiKbA
Date: Wed, 22 Nov 2023 16:03:14 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESENOoDiZY6jaI7exj7zNghkk&google_cver=1&google_push=AXcoOmTNwOXc2Ju8wTxT_Nx4WZKY4k8hqVJD7oFvZwxlsDa9G4TWiBBKK1F8_u3sM6nPFceTpd0fb0yNXfx66_lwJ2Q_C0jbSIn0LK4
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=d3U4WnNjN0NEYy1TUktCTlFTWmVaUQ%3D%3D&google_push=AXcoOmTNwOXc2Ju8wTxT_Nx4WZKY4k8hqVJD7oFvZwxlsDa9G4TWiBBKK1F8_u3sM6nPFceTpd0fb0yNXfx66...

170 B
188 B

40ms
40ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=d3U4WnNjN0NEYy1TUktCTlFTWmVaUQ%3D%3D&google_push=AXcoOmTNwOXc2Ju8wTxT_Nx4WZKY4k8hqVJD7oFvZwxlsDa9G4TWiBBKK1F8_u3sM6nPFceTpd0fb0yNXfx66_lwJ2Q_C0jbSIn0LK4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:14 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=d3U4WnNjN0NEYy1TUktCTlFTWmVaUQ%3D%3D&google_push=AXcoOmTNwOXc2Ju8wTxT_Nx4WZKY4k8hqVJD7oFvZwxlsDa9G4TWiBBKK1F8_u3sM6nPFceTpd0fb0yNXfx66_lwJ2Q_C0jbSIn0LK4
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFUnpFVYhSYw4Eor6g5YI5M&google_cver=1&google_push=AXcoOmQyWzNyGLrCWQNc-xJTTUsw-Fc3RbHk8SBr-wPYGgkCWZygYZcFAcTN5C5tWeM5PMDIBw0C5wiNZ6-ZsDAAYk60rP2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyWzNyGLrCWQNc-xJTTUsw-Fc3RbHk8SBr-wPYGgkCWZygYZcFAcTN5C5tWeM5PMDIBw0C5wiNZ6-ZsDAAYk60rP20MDspDA&google_hm=eS14blFMUmRGRTJwRzdJ...

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyWzNyGLrCWQNc-xJTTUsw-Fc3RbHk8SBr-wPYGgkCWZygYZcFAcTN5C5tWeM5PMDIBw0C5wiNZ6-ZsDAAYk60rP20MDspDA&google_hm=eS14blFMUmRGRTJwRzdJUS5LQTBYcTFmaUJkckU1c0xOOH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyWzNyGLrCWQNc-xJTTUsw-Fc3RbHk8SBr-wPYGgkCWZygYZcFAcTN5C5tWeM5PMDIBw0C5wiNZ6-ZsDAAYk60rP20MDspDA&google_hm=eS14blFMUmRGRTJwRzdJUS5LQTBYcTFmaUJkckU1c0xOOH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZ...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQ...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZcWrFcT0Zhr-_0s&google_hm=PKPpm-M5TOS...

170 B
188 B

39ms
39ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZcWrFcT0Zhr-_0s&google_hm=PKPpm-M5TOS_4cDL4QkjGw==

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmT97TO1lGIoBgG4obdJeA-4iXXEmnqKUQFoP-r_rJW5JH4Np12OopADTvQh_2tt5OAxtIAiPM71UkQm6RytZcWrFcT0Zhr-_0s&google_hm=PKPpm-M5TOS_4cDL4QkjGw==
Date: Wed, 22 Nov 2023 16:03:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE51
Redirect Chain

https://tracking.prismpartner.smt.docomo.ne.jp/sync/adx?google_gid=CAESEH4L8SX5qV03I3sWsgqy8P4&google_cver=1&google_push=AXcoOmTo2TsJwfmNT1srAjFxPQYKKSquwnfimULwU6OWTgpSEHi0gSTsr40U9oKKpVVcOfqZ6bRy...
https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=OCGW5N0aQUitN3KjH6NgwA&google_push=AXcoOmTo2TsJwfmNT1srAjFxPQYKKSquwnfimULwU6OWTgpSEHi0gSTsr40U9oKKpVVcOfqZ6bRyBcB0gfQfyAAdP...

170 B
188 B

40ms
40ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=OCGW5N0aQUitN3KjH6NgwA&google_push=AXcoOmTo2TsJwfmNT1srAjFxPQYKKSquwnfimULwU6OWTgpSEHi0gSTsr40U9oKKpVVcOfqZ6bRyBcB0gfQfyAAdPD7rw1gdDlPvDPZU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=OCGW5N0aQUitN3KjH6NgwA&google_push=AXcoOmTo2TsJwfmNT1srAjFxPQYKKSquwnfimULwU6OWTgpSEHi0gSTsr40U9oKKpVVcOfqZ6bRyBcB0gfQfyAAdPD7rw1gdDlPvDPZU
date: Wed, 22 Nov 2023 16:03:14 GMT
content-length: 0
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE51 0
12 B 38ms
38ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IITLKxH3qW8fuVZw3IEpkP8v3HfYw-DqR9ZGwCjfZW8h_5eUQzDxE4MgQKEo8nR1hJANUZ9w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 684E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
expires: Wed, 22 Nov 2023 16:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 82AF 676 B
421 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=e%E3%83%9E%E3%83%9C%E5%95%9FS%E3%80%8FFO%E3%80%8E%E3%83%AB%E3%83%90a%E9%96%89%E3%82%BB%EF%BC%B20%20%E9%96%8B%E9%97%9C%E3%82%B9%25m%E3%81%A7%E3%81%8C%E3%83%91t%EF%BC%92%E3%83%B3%E3%83%BC3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011ebed227134c959f8fb88dde38bce545d340cf9c6f59f520da1447111e0c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 16:03:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 82AF 7 KB
1 KB 42ms
42ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 14:50:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82AF 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 82AF 23 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:56:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FFF 143 B
166 B 4ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 15:56:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82AF 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8AF7 1 KB
643 B 4ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 12:24:31 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 12:24:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82AF 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:59:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 82AF 0
0 42ms
40ms Image
text/html 2404:6800:4004:826::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGImi0kanGv2V2jlj9-SJC38K5KQjWpyZC0PvVHCDipOvj2GDoc1zyFbt3tUljerJ6lJUsD0ZjlRtQOEY30a0kRvXVZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82AF 202 KB
64 KB 88ms
86ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 16:03:14 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 82AF 37 KB
15 KB 12ms
8ms Script
text/javascript 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 02:02:11 GMT

GET
DATA 200
OK truncated
/ Frame 47BF 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a54b3dbf6081436dccf1b9b5b3e01b314305795fa5a6d2b5534febf5937ec40

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 i.match
a.tribalfusion.com/ Frame 8AF7 43 B
417 B 131ms
129ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGlyHCp77nVoVMko9SUdKK8&google_cver=1&google_push=AXcoOmRH67_xeW7jkmty7S1n-V7yDVVnH8fP0ano77lH-hVoe-amDntdyfJh2y9metjs5ESPMS6BPlJOu9MBBDJzUXU8QUJ6KdWJdA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRH67_xeW7jkmty7S1n-V7yDVVnH8fP0ano77lH-hVoe-amDntdyfJh2y9metjs5ESPMS6BPlJOu9MBBDJzUXU8QUJ6KdWJdA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82a266c23c7725f8-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AF7
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBSHX8E_fqzp99Qi8qnKFYE&google_cver=1&google_push=AXcoOmRh197U1SQnK3ZsG0kZ_WdNzzM4U-Pll8Q3cvhhGC6uXmxbVjiLcPawdCN0EOBGpC7IinLmH...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRh197U1SQnK3ZsG0kZ_WdNzzM4U-Pll8Q3cvhhGC6uXmxbVjiLcPawdCN0EOBGpC7IinLmHOkZccSnY3Kz0JxPxBwMTIY3my0

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRh197U1SQnK3ZsG0kZ_WdNzzM4U-Pll8Q3cvhhGC6uXmxbVjiLcPawdCN0EOBGpC7IinLmHOkZccSnY3Kz0JxPxBwMTIY3my0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 16:03:14 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DE38B08735E44321B09C1D566651DE5E Ref B: TYO01EDGE0712 Ref C: 2023-11-22T16:03:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRh197U1SQnK3ZsG0kZ_WdNzzM4U-Pll8Q3cvhhGC6uXmxbVjiLcPawdCN0EOBGpC7IinLmHOkZccSnY3Kz0JxPxBwMTIY3my0
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKv9tTJBI42oOVkVxM3w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AF7
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRM1_3r...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRM1_3r...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjIxNjAzMTUwMDA4NzU3NzgyNzY5MA%3D%3D&google_push=AXcoOmRM1_3rv4wOzg09YAOosUr__4mKrfs8A7Vo2KGbzJ-ZUrbrj6DJksLtRKM3tNvmGJ...

170 B
188 B

38ms
38ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjIxNjAzMTUwMDA4NzU3NzgyNzY5MA%3D%3D&google_push=AXcoOmRM1_3rv4wOzg09YAOosUr__4mKrfs8A7Vo2KGbzJ-ZUrbrj6DJksLtRKM3tNvmGJ3lsS2OJ7R8EBh9lhx60Qp6PlyeaMS6AMg

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjIxNjAzMTUwMDA4NzU3NzgyNzY5MA%3D%3D&google_push=AXcoOmRM1_3rv4wOzg09YAOosUr__4mKrfs8A7Vo2KGbzJ-ZUrbrj6DJksLtRKM3tNvmGJ3lsS2OJ7R8EBh9lhx60Qp6PlyeaMS6AMg
pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 22 Nov 2023 16:03:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AF7
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEIlAUjUsxFHprLKmStOy5bY&google_cver=1&google_push=AXcoOmRTC82MHHFbcZlS-H43EXKHMUJfkT6d5tOShNkZ7MIdQ9PmHEusEtwhA9asHoZZkmKYMmuPzjUKaDtJ-i0XAUdQDNHGEDQw9Ao
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRTC82MHHFbcZlS-H43EXKHMUJfkT6d5tOShNkZ7MIdQ9PmHEusEtwhA9asHoZZkmKYMmuPzjUKaDtJ-i0XAUdQDNHGEDQw9Ao&google_hm=NTdURzNFMDFWQkRBSzAw...

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRTC82MHHFbcZlS-H43EXKHMUJfkT6d5tOShNkZ7MIdQ9PmHEusEtwhA9asHoZZkmKYMmuPzjUKaDtJ-i0XAUdQDNHGEDQw9Ao&google_hm=NTdURzNFMDFWQkRBSzAwN2g5Zjg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Wed, 22 Nov 2023 16:03:14 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRTC82MHHFbcZlS-H43EXKHMUJfkT6d5tOShNkZ7MIdQ9PmHEusEtwhA9asHoZZkmKYMmuPzjUKaDtJ-i0XAUdQDNHGEDQw9Ao&google_hm=NTdURzNFMDFWQkRBSzAwN2g5Zjg
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AF7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESELqKBvREEO1NO4wGdlQX4dg&google_cver=1&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw&google_hm=PKPpm-M5TOS_...

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw&google_hm=PKPpm-M5TOS_4cDL4QkjGw==

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw&google_hm=PKPpm-M5TOS_4cDL4QkjGw==
Date: Wed, 22 Nov 2023 16:03:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AF7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKQ7dZsB1mo57M3zyexSDtU&google_cver=1&google_push=AXcoOmSbByEFcMCVHJeEqee1GRABfJrb31-ANgq7wJB1Lj_h693fVVWhlDeH1AvBVhvZ5o8mwWlsPCl3RMAnzR8...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jsoMmg-FVohsPCSdOg444ZJGycs&google_push=AXcoOmSbByEFcMCVHJeEqee1GRABfJrb31-ANgq7wJB1Lj_h693fVVWhlDeH1AvBVhvZ5o8mwWlsPCl3RMAnzR...

170 B
188 B

42ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jsoMmg-FVohsPCSdOg444ZJGycs&google_push=AXcoOmSbByEFcMCVHJeEqee1GRABfJrb31-ANgq7wJB1Lj_h693fVVWhlDeH1AvBVhvZ5o8mwWlsPCl3RMAnzR8VZXRN6FyvbJOy6xE

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jsoMmg-FVohsPCSdOg444ZJGycs&google_push=AXcoOmSbByEFcMCVHJeEqee1GRABfJrb31-ANgq7wJB1Lj_h693fVVWhlDeH1AvBVhvZ5o8mwWlsPCl3RMAnzR8VZXRN6FyvbJOy6xE
Date: Wed, 22 Nov 2023 16:03:15 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 8AF7 42 B
233 B 495ms
164ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK5mPpB1tdSiiu_TARUAh04&google_cver=1&google_push=AXcoOmT2Sbfhe9WwUSPGZpsdZ-_vdfzzlmKr0BUzud2GVfSdJHADmh2yhStiXHdvEOF8Saz8jIouu3MwHX64k9N0sM1Y4JTrLN0y4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 16:03:15 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8AF7 0
12 B 38ms
38ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lpx6ig0upXfGjrAlddy25XhwqgA_kfg2cI26LYKgyXKOmKOXoDL8WW3V5Ma-QMvq02xdnn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FFF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:15 GMT
expires: Wed, 22 Nov 2023 16:03:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:03:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6B1C 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54c6363dec1568a39419c663147d83eb2767a41903ad4a18c4ebce1a1012f78

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4426 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 463706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 07:14:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6B1C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd6XEQSZeZfrfPNGQ8wOp7LHgAYbyk610kZnul6US2tkeEAEgn-PXBmCJ88WE9BOgAbWK7-sCyAECqQIaUttb7N88PqgDAcgDyQSqBM4BT9A9zI--cf3PVjj6qA4rXqoTKz3A98ufL8TkZqa...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc34e327a6a5d5f2c0000000000000000%22,%222%22:%220x174dd9e8bef4ea8e0000000000000000%22,%223%22:%220x4db869...

0
0

42ms
42ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc34e327a6a5d5f2c0000000000000000%22,%222%22:%220x174dd9e8bef4ea8e0000000000000000%22,%223%22:%220x4db8696510cf8f870000000000000000%22,%224%22:%220x6e488a83ad59a94d0000000000000000%22,%225%22:%220x7b2b4b7054492b5a0000000000000000%22},%22debug_key%22:%2216460640610060680577%22,%22debug_reporting%22:true,%22destination%22:%22https://ncsoft.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22763086133%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22650440625084128257%22}&andc=true

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc34e327a6a5d5f2c0000000000000000","2":"0x174dd9e8bef4ea8e0000000000000000","3":"0x4db8696510cf8f870000000000000000","4":"0x6e488a83ad59a94d0000000000000000","5":"0x7b2b4b7054492b5a0000000000000000"},"debug_key":"16460640610060680577","debug_reporting":true,"destination":"https://ncsoft.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["763086133"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"650440625084128257"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 16:03:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 16:03:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc34e327a6a5d5f2c0000000000000000","2":"0x174dd9e8bef4ea8e0000000000000000","3":"0x4db8696510cf8f870000000000000000","4":"0x6e488a83ad59a94d0000000000000000","5":"0x7b2b4b7054492b5a0000000000000000"},"debug_key":"16460640610060680577","debug_reporting":true,"destination":"https://ncsoft.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["763086133"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"650440625084128257"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
39ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 47BF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHFnmQSZeZfzfPNGQ8wOp7LHgAcDi9oh015-Fx_gR2tkeEAEgn-PXBmCJ88WE9BOgAY613pUDyAECqQIaUttb7N88PqgDAcgDyQSqBNABT9AUcEr0W0kNVV_QgByaEXehAh1Fa_hWs_srxxQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb3c2713083462d6c0000000000000000%22,%222%22:%220x91bc849c6d9496eb0000000000000000%22,%223%22:%220x15f0d4...

0
0

39ms
39ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb3c2713083462d6c0000000000000000%22,%222%22:%220x91bc849c6d9496eb0000000000000000%22,%223%22:%220x15f0d42573036d130000000000000000%22,%224%22:%220xfe9b4ecf4e1190ec0000000000000000%22,%225%22:%220xd6ace7687c56f6b00000000000000000%22},%22debug_key%22:%224417805468365638240%22,%22debug_reporting%22:true,%22destination%22:%22https://ntv.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22850893454%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212902134297259323537%22}&andc=true

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb3c2713083462d6c0000000000000000","2":"0x91bc849c6d9496eb0000000000000000","3":"0x15f0d42573036d130000000000000000","4":"0xfe9b4ecf4e1190ec0000000000000000","5":"0xd6ace7687c56f6b00000000000000000"},"debug_key":"4417805468365638240","debug_reporting":true,"destination":"https://ntv.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["850893454"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"12902134297259323537"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 16:03:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 16:03:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb3c2713083462d6c0000000000000000","2":"0x91bc849c6d9496eb0000000000000000","3":"0x15f0d42573036d130000000000000000","4":"0xfe9b4ecf4e1190ec0000000000000000","5":"0xd6ace7687c56f6b00000000000000000"},"debug_key":"4417805468365638240","debug_reporting":true,"destination":"https://ntv.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["850893454"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"12902134297259323537"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 652B 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: heroes.fws.tw
URL: https://heroes.fws.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 463707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 07:14:48 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame A8D3 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 463707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 07:14:48 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 38ms
38ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 16:03:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C5A5 42 B
64 B 91ms
49ms Fetch
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudyG0t-fMEdN_nhLiozGSJyZQ-lLxICXb760UkxeMMbhZAgn96ST50UDoYzUdt1g8OUF-VFQYo37Juxo86m2dRpaZ68xslnMZry9QYZbbMd9o9obQwqEEWNzjwejpSb-sh8t5kta-mdC8uRUa1DXfpSw1Bw6nTR5yANOj3XyB54yZG7_j1nCd4LfIQOho6Xk8LOwdtsFjq6vxxXiFR1Jo3RycqKGiMg_SPsTFB-v7_j42vnHtUpB2RIqsSDSGG5d6eZaGJxpsvweIu0Fz9WjOTUj7jw3lGMtScaMNLqVxrMpHGSWVdt5u5fk2neBC_z5sZvVNGY7nM7OpG-kcN4qEkD9MBkYLQ5AgEaSot-tDdTL5saYhAy7T0h94PR-hHrhX8OKNxNhDEhY5WgNILuBkjkZhL2mN__54_5i9yjQSNmtY8Vn4o184JjQ2F0nYk0ys5fyKUqP8sKiIMkj9Su_wfzna8xeVJ50Vib8uVcbiLx6y_UeqCSGRWN_ywH20jCy_4qnEOlIivwpS8LSSnTwf2WW31HOIswcQLSTh11twgN1JQXunvi2GYrOCdqOeS0znaDvBqR6QrLjdcyWgkiF8mgCQFffyspGBz-wDt4TktFP1G1baRIYu0zYzDRe7AU0njWwTDplkIUzxfurIbLajG7HtLzNlVrzq_T3BWSu8SYxsWzUpdmPowLN4ofW55e9vjJgHNe2IKEGSdLEHUSEEzKoRG9aDXWCfTYei_3x1Mo6ZfmZI_cjCpjHTtUAAx_agS6pS_5O2z0C1bW3clru1odJB-7JiJIT8SQu5pawlYTeU8KcKbnyTIDBG_Ph8bXbkpAEz_Nbpj1LmgEdmG_hpXTutZxlmyvYWARSdfL3kWWzBDLE5fyyy9x_fiwDGj3wzMpo9L_EU1_Wlfr-RFsf1b_sVbGwy9iKzScxXpIqbw2LdmrgDLq9iCr_U3ixckYqQ3fcrJTrpW9vfsoLMnub-3v0Vp4Ut1AsbQI69YX_W40r6SNoKSQ9Q14C6dhw_o6b5xrWcMXsLxRJtPP89s4Si8YogBia89LCDvjvz4ixrIKMdDLQTf6c6RXbp2ssynL82qdTWOGpxZxnJ5bt9chXaY0cZzk6mKT_uLFTbyNxFAJUMOZqmLewgj-qbt5dm7&sai=AMfl-YR1b5fwkW3KatOucpxyT3uwvG5vMJPKUw6fcRFHZhqk0G-iWUrMVn8xJRqSL09oPYe5FLEcTgRICg3j2iY-UzcTWbNgj8zu8xzBML69s6aZqhV7FHg5uUlR5enVaS2vKJZZ014nRRMRxw&sig=Cg0ArKJSzMq5EmHNe3JgEAE&cid=CAQSPADICaaNmYWXzN7SJ-0aGuB5Oe3ochuQQQJiPlUuyfrGJuAiZ5iiThmjW9XZjpDLuSxMd0R36xxhQZa3_hgB&id=lidar2&mcvt=1000&p=0,0,167,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2923980901&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700668993927&rpt=582&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 1BD8 0
152 B 8ms
7ms Script
text/html 13.113.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=4698:98122:189023:1fd77bfbc112203215c3219089d3a2de:14756&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.7.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-7-192.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://heroes.fws.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:03:15 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B1C 42 B
64 B 47ms
45ms Fetch
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaeMogLEOBHKyyPujGpBpcNYuE0kPCLOK2UMehRKoI6aMccGfdt25GgIkWDVoHrPxfMVlm_auielNTBfIWtetl2am1cjskrR53giFACUlK_8YhXDnRZsEeiHO1ctS_stUXHAAsk4oy8g&sai=AMfl-YRWvKvXq6FkilLDgD_MzJFVMZtK7Um7knDfV-7nSoNktwDIWfzc2ku9DpDHMmXy32okgIA3F2AwanFTJSxVitFi2_iNUQqOCuGN8490WgjJR-DWCzFjc0mwu9M&sig=Cg0ArKJSzO3nGIU6rxOnEAE&cid=CAQSOwDICaaN9pMI0bfu8vY1jeXM9fyYIcfHR_2Ik2GXeiqDGUK5qR-zzEReZ2DJ3stWR57OW75mgU5McwDbGAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700668994745&rpt=212&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47BF 42 B
64 B 50ms
49ms Fetch
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-A8tBoCP89LF5uDQMiuWSvEcxUSlfj2z78zbpbfGGfwRX6pHYVAmjASzFXyOBOlfJOB2kLGJNzwm_VPFgEAAS_Pgtq4VB-hIqBfPJhzTehmyvSLqy3et1Isr_NaQj38vIMOkgZFMrSuarzvaFVtIe4BT1yabFD9rYSo-D0JfkDIRl_IP4deSepelB1vf056gvd43YtjVe5-tRWs3mI6xhfL8mh4KHXKFI9e3q1olaUospu7hmCUXZB7-ZMXIfGiZ5wkUhfXE-OrFWg8eNu51jrbGJOmV-aGkg9nnJqHmCNUWHSxTYZZCn8uWtRIXLkdJEv4ekoMTzaZfke9dz-pwKOm0KeVW44jGII-JgyGao_Dy_DMH70ew4ORpI49Vk7BWbLnIQo_guRNmzZvovlCWAcLqcabzV-kvY5OQJMKa-0B5XXQzxgxDEK0uHGZEwxv7ehaYbRk_RA857uJ1yeO_tCWCDMPpIIF8stq-42fkOI4vMRPFFZTGX5-jyHjRovHzHC-9a7FhUqXOqP_c0sdVQ2tsoOc0-Gl9dfgbUO1ZUpmNK1QIsK2CeB1q_gR7BhVpROVca0Aew6mUhBkFGfHrN4-7ZK5QcuKtoyH3y7Xcw-UeZY8nX2XygUySDZOPegNFM8Riuf5nHt3Mo02DFE1STDbMaU7GkQhrco9yJKF2b0IxujMruofV7ABJ0AqSYVE9hk6HjgRgrpf4id01VC-e5N0d37EFyyPh0E_Shy1yOjN__jxS_tYt_nQ0M2EIaW9jjo69eQ_99Azh1Ob-2neGTdGz0phxr8o1k3LUqyuNmy14uV82XGFXjIclq2Jr5bRPBHGP1917Y0UXPMu5L6Guaj5vh4QgXqcyGTlzfxnfWGxftFWc9_DgaR_BHWW8dX5Kru5BkZZ2q982zLP_4ktwb2VtM3_R1i9SaJkgAZhgws5KHPVq9Powa-4a4WP5bed3lRoviYgT0IDZzK3dmf5dHt7CYaCIgm0-VkimqgV6oKH0L3sAl1yRAlN2yIs3E3xPND_AvcFlulZdEs3-EhXkQZYsoWUx4k32li-CyunG4GM_OFE1c28AdbBFp6MzauKnBJTsfhl7R_6dU28fj1q25X7QFfGRKWYv6-7PtO_Y9mDu3frF2HSuNi0YcPYQjxw&sai=AMfl-YR8vNfIxB8mvRkYJZeamLVCHMUhGasohaxg1ZwhkWOnF7H43zqDW9jxpK5JTVZVD7tXW9KeYER5NEfFemtFp79FteWeS1OswK81IfA5yDMwXudlSH1gOgpqDRLb0YZgddM-U7tpyoUA&sig=Cg0ArKJSzDudZEFvfS2fEAE&cid=CAQSOwDICaaN9pMI0bfu8vY1jeXM9fyYIcfHR_2Ik2GXeiqDGUK5qR-zzEReZ2DJ3stWR57OW75mgU5McwDbGAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=99,782,1000,1075,1075&tos=99,683,218,75,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700668994748&rpt=322&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 16:03:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heroes.fws.tw/	1969-12-31 23:59:59	Name: PHPSESSID Value: 93lue0h80n7dp0hiha6dqcv583
.fws.tw/	1970-01-21 02:00:28	Name: _ga Value: GA1.2.2006913761.1700668993
.fws.tw/	1970-01-20 16:25:55	Name: _gid Value: GA1.2.2144330126.1700668993
.fws.tw/	1970-01-20 16:24:29	Name: _gat Value: 1
.holmesmind.com/	1970-01-20 16:25:55	Name: fcm Value: 1
.fws.tw/	1970-01-21 02:00:28	Name: _ga_XCDZWDFBWS Value: GS1.2.1700668993.1.0.1700668993.60.0.0
.fws.tw/	1970-01-20 17:07:40	Name: ISMD5VERSION Value: 1
.fws.tw/	1970-01-20 17:07:40	Name: CFFPCKUUID Value: 251-tLbopyVP64SbP4NmtusiSWMz82lD7SsD
.fws.tw/	1970-01-20 17:07:40	Name: CFFPCKUUIDMAIN Value: 5114-8WPmHVFvhFawNLnoTlkf0w1OPV8ebDVD
.fws.tw/	1970-01-20 17:07:40	Name: FPUUID Value: 5114-72e17b22edf9d55c7dcda5e8dbc84e75
.doubleclick.net/	1970-01-21 02:00:28	Name: IDE Value: AHWqTUnTVONlx7B-1Z3F3m-41s_CVlR_Ag7mi4TajBxpLtbmXV35Q2yhCdbeIp8bOTM
.c.appier.net/	1970-01-21 01:11:31	Name: _auid Value: wu8Zsc7CDc-SRKBNQSZeZQ
.hinet.net/	1970-01-21 02:00:28	Name: uuid Value: 997a671b-6fcf-415b-80fc-820075640b30
.lndata.com/	1970-01-21 01:10:33	Name: admckid Value: 2311230003131430044
.fws.tw/	1970-01-21 01:10:04	Name: __htid Value: 997a671b-6fcf-415b-80fc-820075640b30
.fws.tw/	1970-01-20 16:24:32	Name: _ht_em Value: 1
.holmesmind.com/	1970-01-20 16:45:36	Name: Vision Value: 20231123-23:59,20231123-03,20231123-03,20231123-23:59
.holmesmind.com/	1970-01-20 16:45:36	Name: C Value: null
.holmesmind.com/	1970-01-20 18:49:26	Name: RK Value: null
.holmesmind.com/	1970-01-21 02:00:28	Name: P Value: 420423-ucBsMv9ebZa9M4P0ed8aMcDuitS2Fj6A
.adsrvr.org/	1970-01-21 01:11:31	Name: TDID Value: e2128119-c9f3-485a-9e6b-207bb08df7a2
.adsrvr.org/	1970-01-21 01:11:31	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIxPrMjtLftTwQBRgFIAEoAjILCLCczLvo37U8EAU4AQ..
.fws.tw/	1970-01-21 01:46:04	Name: __gads Value: ID=ddbdf72f74819881:T=1700668993:RT=1700668993:S=ALNI_MYbmOb3eSPC4XZoVe5S3j_BgQzaGA
.fws.tw/	1970-01-21 01:46:04	Name: __gpi Value: UID=00000c94403e5c22:T=1700668993:RT=1700668993:S=ALNI_MbGkjpsVuoNPRvdVmg8O0yj0vnfyQ
.yahoo.co.jp/	1970-01-21 01:11:31	Name: XA Value: 0c25vmhils9i2&sd=A&t=1700668994&u=1700668994&v=1
.yahoo.co.jp/	1970-01-21 02:00:28	Name: XB Value: 57439j5ils9i2&b=3&s=mi
.doubleclick.net/	1970-01-20 16:24:32	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 18:34:04	Name: d Value: EAwBCQG-KoEA
.quantserve.com/	1970-01-21 01:54:43	Name: mc Value: 655e2642-86fea-b0432-d3cee
.yahoo.com/	1970-01-21 01:10:26	Name: A3 Value: d=AQABBEImXmUCECs2ByTylmMSjovsXdlQlWsFEgEBAQF3X2VoZQAAAAAA_eMAAA&S=AQAAAsJlZaKSpUatOI42UPo8knU
.googleadservices.com/	1970-01-20 18:34:04	Name: ar_debug Value: 1
.uncn.jp/	1970-01-21 01:10:04	Name: t Value: v_d92052f7-6d21-4bd7-8e15-3daa4b2871e1
.docomo.ne.jp/	1970-01-21 02:00:28	Name: adxppthrd Value: 382196e4-dd1a-4148-ad37-72a31fa360c0
.c.appier.net/	1970-01-20 17:07:40	Name: _gu Value: CAESENOoDiZY6jaI7exj7zNghkk
.linkedin.com/	1970-01-20 16:25:55	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3021:u=1:x=1:i=1700668994:t=1700755394:v=2:sig=AQGo18lEFIDA0v2LWijvMtwkrERfG9Et"
.r-ad.ne.jp/	1970-01-20 20:43:40	Name: r_ad_token Value: 57TG3E01VBDAK007h9f8
.linkedin.com/	1970-01-21 01:10:04	Name: bcookie Value: "v=2&f330abcf-9cd0-4079-8c12-296b2b1f71d7"
.tribalfusion.com/	1970-01-20 18:34:04	Name: ANON_ID Value: akntmItlix98qyTAZaVq6ernlEZawDJ3HnTmonVxUSKRhu89At1U3UwHOjn8thiYybrssXEsu57vTmRETbBjX2NZdoH
.simpli.fi/	1970-01-21 01:11:31	Name: suid Value: DE7CC9008C134407B0CC6E4CA865401B
.e.dlx.addthis.com/	1970-01-21 01:54:43	Name: na_tc Value: Y
.bidswitch.net/	1970-01-21 01:10:04	Name: c Value: 1700668995
.bidswitch.net/	1970-01-21 01:10:04	Name: tuuid_lu Value: 1700668995
.bidswitch.net/	1970-01-21 01:10:04	Name: tuuid Value: 3ca3e99b-e339-4ce4-bfe1-c0cbe109231b
.bidswitch.net/	1970-01-20 16:24:29	Name: google_push Value: AXcoOmRjO-ImdG26MPOGCrtNr5caX-Mgc42x6rMo8SuV4pityLoTdLVOiATlb1vBeQ0ggtNIr31DjCvgYq2x_wQZp464vpOKGR4lJw
.addthis.com/	1970-01-21 01:54:43	Name: na_id Value: 2023112216031500087577827690
.addthis.com/	1970-01-21 01:54:43	Name: na_tc Value: Y
.addthis.com/	1970-01-21 01:54:43	Name: uid Value: 655e2643cbe89141
.addthis.com/	1970-01-21 01:54:43	Name: ouid Value: 655e2643000129d1f1520f6cf0ed32789746676da4e0bba0ddcf
.dlx.addthis.com/	1970-01-20 17:07:40	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 17:07:40	Name: na_sr Value: 20231122
.dlx.addthis.com/	1970-01-20 16:24:29	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 17:07:40	Name: na_sc_e Value: 0
fksnk.com/	1970-01-20 16:34:33	Name: AWSALBCORS Value: GoppdGTvB2xz2wkUt+z/s/Zfm/pWdBjYyg4VP+HZnes6VZGfTj/ItnazUxY5NrzMH28z2x60xHcAgvXakJNmaa2xaJFKztDkWrb9JPTnf1sQHeeRc/AMrWuqA+yO
.fksnk.com/	1970-01-20 18:34:04	Name: f_001 Value: 4A0101515741DC0F
.fksnk.com/	1970-01-20 16:25:55	Name: g_001 Value: 1
.zemanta.com/	1970-01-21 01:10:04	Name: zuid Value: r8-alaCqFa3U7vtnXhjs
.uuidksinc.net/	1970-01-21 01:10:04	Name: jcsuuid Value: JQbtaHGL58KzUQ91meez
.adx.opera.com/	1970-01-21 01:10:04	Name: UID Value: OPUe9840ace0f8449e3843058498a99cede
sync.srv.stackadapt.com/	1970-01-21 01:10:04	Name: sa-user-id Value: s%3A0-8eca0c9a-0f85-5688-6c3c-249d3a0e38e1.AFLN%2FV%2FfrQ3XlyV1J8JicXoRe0RLyIJtT2ymcXbYbbs
.srv.stackadapt.com/	1970-01-21 01:10:04	Name: sa-user-id Value: s%3A0-8eca0c9a-0f85-5688-6c3c-249d3a0e38e1.AFLN%2FV%2FfrQ3XlyV1J8JicXoRe0RLyIJtT2ymcXbYbbs
sync.srv.stackadapt.com/	1970-01-21 01:10:04	Name: sa-user-id-v2 Value: s%3AjsoMmg-FVohsPCSdOg444ZJGycs.N0FKuvtt7qIaHylBvK%2Bx77L8RtxVK04LxpU27PViUj0
.srv.stackadapt.com/	1970-01-21 01:10:04	Name: sa-user-id-v2 Value: s%3AjsoMmg-FVohsPCSdOg444ZJGycs.N0FKuvtt7qIaHylBvK%2Bx77L8RtxVK04LxpU27PViUj0
sync.srv.stackadapt.com/	1970-01-21 01:10:04	Name: sa-user-id-v3 Value: s%3AAQAKIDhw1Bg4Df-Spvf_8_Xs2E2OZ0DPZkpEW5u_OYBmtee_EHwYBCDDzPiqBjABOgRyABfNQgSwZNlS.A1UWV%2FXsfzXos9RdWMMlmTgILsAPrUgPVNA%2FAsN2HWw
.srv.stackadapt.com/	1970-01-21 01:10:04	Name: sa-user-id-v3 Value: s%3AAQAKIDhw1Bg4Df-Spvf_8_Xs2E2OZ0DPZkpEW5u_OYBmtee_EHwYBCDDzPiqBjABOgRyABfNQgSwZNlS.A1UWV%2FXsfzXos9RdWMMlmTgILsAPrUgPVNA%2FAsN2HWw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://heroes.fws.tw/uploads/events/469_640. Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://heroes.fws.tw/uploads/events/470_640. Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEAtkAMrDpy8hHCk1dglEKHE&google_cver=1&google_push=AXcoOmSVxOtMyg5tREeDX8BpO-DpYsOnhsCZsUAGyxPJodizEofuEckx60NBuEVRQiY5eABL23cXUehQmIqkBc_SRQSwQGRc0_gY1dG1ZQ Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

997a671b-6fcf-415b-80fc-820075640b30.t.ssp.hinet.net
a.c.appier.net
a.tribalfusion.com
ad.holmesmind.com
ad2.apx.appier.net
analytics.google.com
b1sync.zemanta.com
bidder.criteo.com
c.holmesmind.com
cdn.doublemax.net
cdn.holmesmind.com
cksync.yahoo.co.jp
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cms.quantserve.com
connect.facebook.net
cs.r-ad.ne.jp
ds.uncn.jp
dsp.adkernel.com
e.dlx.addthis.com
fcm.holmesmind.com
fcm2.holmesmind.com
fksnk.com
fonts.googleapis.com
gocm.c.appier.net
googleads.g.doubleclick.net
heroes.fws.tw
img.youtube.com
m.holmesmind.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.ads.linkedin.com
s.tribalfusion.com
s.uuidksinc.net
static.criteo.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
t.adx.opera.com
t.ssp.hinet.net
tpc.googlesyndication.com
tracking.prismpartner.smt.docomo.ne.jp
um.simpli.fi
v9999.adv.admeme.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
fcm.holmesmind.com
103.132.192.30
116.50.36.71
13.113.7.192
142.251.42.194
15.197.162.181
172.105.213.147
172.105.221.29
172.105.237.221
174.137.133.49
18.176.234.133
18.179.244.128
183.79.219.124
185.196.197.130
2001:4860:4802:36::181
203.75.214.136
210.59.219.34
23.36.17.70
2404:6800:4004:80a::2001
2404:6800:4004:810::2002
2404:6800:4004:81e::2003
2404:6800:4004:823::200a
2404:6800:4004:823::200e
2404:6800:4004:824::200e
2404:6800:4004:826::2004
2404:6800:4004:828::2002
2404:6800:4008:c13::9d
2404:6800:400a:80e::2003
2404:6800:400a:813::2008
2406:2600:4::1
2406:2600:4::12
2406:da18:929:5a03:f39c:a2b:35d9:afdd
2600:9000:20e4:1000:0:e06c:e940:93a1
2606:4700::6812:19ad
2620:116:800e:21:c338:3a39:7c0b:1a51
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
3.33.220.150
34.124.209.251
34.95.67.231
35.190.36.98
35.201.76.93
35.213.12.39
35.227.249.156
51.79.152.76
52.198.14.149
52.199.184.125
52.73.146.218
52.73.244.107
54.250.211.17
64.202.112.159
65.9.42.23
82.145.213.8
0117bac541af145608682cc14c09eeb12f25017e927bc47e437c968b24d7423b
011ebed227134c959f8fb88dde38bce545d340cf9c6f59f520da1447111e0c70
061aa19e24e0915ecf06a18227bb0185698e1d295f3b7fd5064688f651dc282c
0699651878af29279dd8e75d6c253c604fb5688113161e4b46edf8c9dc8b2128
0801c5b0c2816077526af9583a41e85d5738a790a8ba13cb2c71be13db7820d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bab4c8b17495850b37555f64c7876bbdf5dfb406778acf96e58dddfc497d967
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
12d616b8148fa06ccc235d858fd5ff1ff08208ce68945e2dfd19ed7d4a3ef2d8
13caec60baa9c9e8c3946352ffd5b31a7b3b6a70652883c8ea5c2ca1811318df
146111050a7d56d8bbcede33392087163f2a94327ee8c9cf6197f23c911b6654
16191b1aad4c5728ea76a5d026e674004547558d71a166df2560695c7b6cd52b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19986902674c86b942ac30a01971b57fa943279966dfede3010de4ea80662df1
21e52f95d8d14e2be9f825c76f6724e71512c94642f84ca5fac0ea6a3648c0a7
2270d7c79d16d36d9c3abdb39d42508ed936c54198b294617918890f23de7a35
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
274df39a6f9df7270ac4c38f280477df5b94008672bfe84ff1b25b096b7b04f5
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d6978501fbd0745c4ffdccdc161222e65507de54c0bba302f9237b4dbb6826c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
341deb9c0ac2957647f03fe29afead3e8fce4986b7eacc24bbcf1930343d7194
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3aa626b76f650dec26370b9cef79d96ea01eeae1e9f32bca0fac005c2bb41902
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
454d7742bcebeffada5eaf2dbc06774bcf31f01d1de6067483e6b71e79d580b2
4a54b3dbf6081436dccf1b9b5b3e01b314305795fa5a6d2b5534febf5937ec40
4a72e2307d137e88a1a0b8f29db38107be5c4e420c156667a9e4a884d9ea86e2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed6e216ee097c6895fa51a43bb1c2fbf1c3ad179c815a2a6f5d66d527ed0d6e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5ab2323cd93bdc22bade9a8cc0f97987397b89024ebaf6b8666ced25c0fbaadd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
63e1a42630dc14896fc869423e9c3c12bba1d2fbb53d90ec72a0fbef9325bb85
64ff0d69ff135e979c8dfe4aa352a0cafb2a05cbec69e6411a4cd4d82bad2e69
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e094786104884fec24d77c10ac7ca637afe10bed3b623ae85a60f0074a791b6
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
7372ad48f6f1e88c1d7396eaaf4e39e7a6172fd3fcec4f9cbf5600c0e13b75a0
74762ad6037682ad464b0cf9758a58eec881c6844a97e1f6f528ab2166332bac
7868353588939c8edca3210702868cb35f4e237b7367b78674e90b5ddcb7b7a6
7989f5d98545e2b0beeb4c4c9a72a3cff6882f590f97ac6399ef11e7eae563fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84370c62a8a50d35cc9b47bf485efbba0dac442b366a338310e3df1605b42ace
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
8ff63409652cf38dfe846768ea9fc2a2bf12f8a79f40e4da204a4b366f782745
9411a7bf658f760658859ce78832f3cf03291384b213a84f3a162a9922e4b0e0
955d84837b393f9249df8859a23dae5cf21a9dca5d62d6d3957a132e9e9b747a
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a42335a34f5ed079d8cc53b639bc984049ccbfb48f221bfa0492079c07252581
aac41e6a221ea9e344d9e68511d323e59608a9ab8e99181a1d2455879ca451ff
ab4ab77b11b8d2af410265ebb3bc5b174f16dc2707d7e5f48a3770d4720b7dda
ac599557be056f1cd4fe72d05c0ee0e8435c200f1023d3eb68cb184c430a4dcb
aede00b08890c2075d88ef07d1555858f0e381d069f5dfa2ead7ba66ffb8078a
b011920bee300becf8eb656555ff2205a49c72daeb9a29bfc666008514184711
b10d01c5f8584254eec298d5b61ffacbb63e8418b73cf2bd67e1826ba836d374
b1336e33edf8e9e1f3759332ebc171168000e0bd3bcba0580eef9a32a22a0f35
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f95f5b27a5e49285084438253c36e395707c9821a0246f87e315562952808
b767ae004425577a3fec5997133eaceedd523fb950bb7c53d5ec4bd831d942af
b7bf519365997da0c0c3a3078e8aed3f451baa33effad4ceb4659973b3aa6fa7
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bca6c0e5b93bc379b11654ac30cca2036d0f9ab0c4d7612ba84d43ca263dc57f
bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c244e79a27e9005194ed1d127779726a04b573104f9363c6581c3cc4953ba7d7
cb8e86ed483dc891a2a2bfac4028f348c8fa825166ab730d9c61871dfb87ccbd
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d4ab91c0a11e9470dd1a9d7824080978b09c54abe17dc82c5b3994c903485327
d4ae64422c005ec3637d4696aa288a0838927f2de5c502b9130379a30a4b1f57
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d9e728ad46382631e6f4dfcd841a85850c44ede76e0d09939f73425ddcb7eb7e
dd732e3866c87a193ab4a2265406726d23d8c8db5b7cd739c1ce0fd8d40c7f9b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe6a88604de3ecba9aba015bfc3036ac147e340a5d3ac73cf4dfcd8e61c439d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eb8b2c1a06570881e8eff7bea732fcddd5070597956fee9e0d60b92b72fdad
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79dbbde99ef7b16ca553a9d4e659882ec86b9a194d98f16b45608a3c0a12159
ea074e5a6cb81ee5f70e3ca8c92f8af0b6830c02cab29025e371a3abfd5c7058
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ed42acecb2c1a76ac5e2f20e6340f0ef8a2444ce87ca1f149d4600b2acace16d
ef1817f82603586a72784f7b24171e2edaeaaa3f9ddf17fe62353f8ccf43d9f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f54c6363dec1568a39419c663147d83eb2767a41903ad4a18c4ebce1a1012f78
f745c0340723027f927c6e86a99499f9ce65e516de0828874b07687db1e4a570
f7df937fc1f214a4e575e074a35b9d5f50efc38165bfcc574e2912e77ae02c49
fa113b69db3c3fd744da1ed543c786d62a6cfd363f448ee70eeebacabec3345b
ffa9e569f1ce2b0c559aaf53e0546414dc53647d081f2ef175415be4b72ed83c
ffd5f8f8beaf92a626e9f8e75403aafdb4e264fcc4f069ce04c4944b8bed4826

heroes.fws.tw Open in urlscan Pro 172.105.237.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

259 Requests

84 %HTTPS

40 %IPv6

43 Domains

57 Subdomains

36 IPs

7 Countries

3343 kBTransfer

6162 kBSize

64 Cookies

5 Outgoing links

Page URL History

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heroes.fws.tw Open in urlscan Pro
172.105.237.221 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

84 %
HTTPS

40 %
IPv6

43
Domains

57
Subdomains

36
IPs

7
Countries

3343 kB
Transfer

6162 kB
Size

64
Cookies

259 HTTP transactions
3 data transactions