urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reurl.cc/g2emzn
Effective URL: https://reurl.cc/g2emzn
Submission: On June 17 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 9 countries across 51 domains to perform 410 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 220180.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 35.185.130.121 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.149.98.30 15169 (GOOGLE)
3 35.186.215.140 15169 (GOOGLE)
19 99.84.133.93 16509 (AMAZON-02)
33 2600:9000:21c... 16509 (AMAZON-02)
3 2a03:2880:f00... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
1 1 209.58.188.181 133752 (LEASEWEB-...)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
6 210.59.219.180 3462 (HINET Dat...)
1 2600:9000:20c... 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.244 2635 (AUTOMATTIC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.0.78.187 2635 (AUTOMATTIC)
5 2406:2000:a4:... 10230 (YAHOO-SG ...)
2 2404:6800:400... 15169 (GOOGLE)
35 203.75.214.136 3462 (HINET Dat...)
1 6 35.201.76.93 15169 (GOOGLE)
5 2600:9000:214... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 180.222.102.159 24506 (YAHOO-TP2...)
1 2406:2000:ec:... 24506 (YAHOO-TP2...)
7 52.197.44.129 16509 (AMAZON-02)
12 2406:2600:4::1 55569 (CRITEO-AS...)
6 103.132.192.30 138552 (RTBHOUSE-...)
2 23.108.102.145 59253 (LEASEWEB-...)
2 210.59.219.181 3462 (HINET Dat...)
10 182.161.74.18 55569 (CRITEO-AS...)
7 14 34.96.119.68 15169 (GOOGLE)
7 7 172.104.70.67 63949 (LINODE-AP...)
8 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 17 64.120.88.131 133752 (LEASEWEB-...)
5 34.117.219.39 396982 (GOOGLE-CL...)
2 116.50.36.71 18046 (DONGFONG-...)
7 22 216.58.220.130 15169 (GOOGLE)
2 35.227.249.156 15169 (GOOGLE)
22 54.95.78.196 16509 (AMAZON-02)
12 142.251.42.130 15169 (GOOGLE)
1 3 210.59.219.175 3462 (HINET Dat...)
39 2404:6800:400... 15169 (GOOGLE)
2 2 23.36.110.226 16625 (AKAMAI-AS)
4 23.10.15.201 20940 (AKAMAI-ASN1)
1 180.222.102.162 24506 (YAHOO-TP2...)
1 34.233.78.253 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (STACKPATH...)
6 11 8.39.36.141 26667 (RUBICONPR...)
4 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
4 8 2406:2600:4::b 55569 (CRITEO-AS...)
33 2404:6800:400... 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
6 182.161.74.11 55569 (CRITEO-AS...)
2 2 69.173.158.64 26667 (RUBICONPR...)
2 2 2406:da18:929... 16509 (AMAZON-02)
1 35.190.60.146 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 35.71.131.137 16509 (AMAZON-02)
2 3 52.94.220.185 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 2 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 151.101.66.49 54113 (FASTLY)
1 1 13.115.228.100 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 2620:116:800e... 16509 (AMAZON-02)
3 3 18.141.122.100 16509 (AMAZON-02)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
3 3 185.84.60.30 198622 (ADFORM)
410 65
5    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
3    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
19    99.84.133.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-93.nrt57.r.cloudfront.net
img.scupio.com
33    2600:9000:21c5:de00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
2    2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
agent.aralego.com
11    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
6    210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
1    2600:9000:20c4:5200:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    2606:4700:3032::6815:43a6 (United States)

ASN13335 (CLOUDFLARENET, US)
img.racingcharger.tw
1    2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
5    2406:2000:a4:9fe:: (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)
s.yimg.com
ads.yahoo.com
2    2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
35    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net
6    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
5    2600:9000:2142:a600:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
1    2404:6800:4008:c13::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    180.222.102.159 (Taoyuan City, Taiwan)

ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW)
PTR: media-router-flurry71.prod.media.vip.tp2.yahoo.com
ads.yap.yahoo.com
1    2406:2000:ec:c38::2001 (Taoyuan City, Taiwan)

ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW)
geo.yahoo.com
7    52.197.44.129 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
12    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
6    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    23.108.102.145 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
hb.aralego.com
2    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
10    182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
14    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
7    172.104.70.67 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1680-67.members.linode.com
gocm.c.appier.net
8    2404:6800:4004:81c::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
17    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
sync.aralego.com
5    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
22    216.58.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f130.1e100.net
cm.g.doubleclick.net
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
22    54.95.78.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
ccm.holmesmind.com
12    142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
3    210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
rec.scupio.com
39    2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    23.36.110.226 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-110-226.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.10.15.201 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-201.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    180.222.102.162 (Taoyuan City, Taiwan)

ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW)
PTR: beap1.cbs.vip.tp2.yahoo.com
tp2.beap.gemini.yahoo.com
1    34.233.78.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-78-253.compute-1.amazonaws.com
d.adx.io
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
11    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
www.googletagservices.com
6    2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2404:6800:4004:80b::2001 (Australia)

ASN15169 (GOOGLE, US)
721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com
3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com
8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com
8    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
33    2404:6800:4004:810::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
googleads.g.doubleclick.net
6    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
2    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
2    2406:da18:929:5a03:84c0:247d:fa50:b665 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2404:6800:4004:81f::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.115.228.100 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-228-100.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    2404:6800:4004:80a::2006 (Australia)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.torchad.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    2620:116:800e:21:a878:7c6e:cf7b:3362 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    18.141.122.100 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-122-100.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
Apex Domain
Subdomains		 Transfer
80 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 131430
fcm.holmesmind.com Failed
c.holmesmind.com — Cisco Umbrella Rank: 99037
adcdn.holmesmind.com — Cisco Umbrella Rank: 133649
ad.holmesmind.com — Cisco Umbrella Rank: 87281
fp.holmesmind.com — Cisco Umbrella Rank: 129810
m.holmesmind.com — Cisco Umbrella Rank: 235070
ccm.holmesmind.com — Cisco Umbrella Rank: 307467
177 KB
75 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com
8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com
880 KB
35 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
541 KB
35 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 88598
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net
25 KB
30 scupio.com
img.scupio.com — Cisco Umbrella Rank: 65161
bw.scupio.com — Cisco Umbrella Rank: 125585
prebid.scupio.com — Cisco Umbrella Rank: 57206
rec.scupio.com — Cisco Umbrella Rank: 126572
381 KB
24 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 739
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2507
20 KB
21 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 35046
gocm.c.appier.net — Cisco Umbrella Rank: 2561
3 KB
20 aralego.com
agent.aralego.com — Cisco Umbrella Rank: 257095
hb.aralego.com — Cisco Umbrella Rank: 13530
ads.aralego.com — Cisco Umbrella Rank: 31192
sync.aralego.com — Cisco Umbrella Rank: 2588
9 KB
19 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1193
eus.rubiconproject.com — Cisco Umbrella Rank: 601
token.rubiconproject.com — Cisco Umbrella Rank: 762
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 24651
pixel.rubiconproject.com — Cisco Umbrella Rank: 358
29 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 9
adservice.google.com — Cisco Umbrella Rank: 92
5 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
203 KB
11 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 4553
177 KB
7 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 15592
adservice.google.co.jp — Cisco Umbrella Rank: 38796
2 KB
7 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 8448
geo.yahoo.com — Cisco Umbrella Rank: 1256
tp2.beap.gemini.yahoo.com — Cisco Umbrella Rank: 31386
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 512
ads.yahoo.com — Cisco Umbrella Rank: 1168
9 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17344
1 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 220180
storage.reurl.cc
6 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
2 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 382
39 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 613
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 844
s.tribalfusion.com — Cisco Umbrella Rank: 2502
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1010
3 KB
3 gstatic.com
www.gstatic.com
39 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
127 KB
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1227
2 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
571 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
3 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 101127
11 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1132
673 B
2 torchad.com
rtb2-useast.torchad.com — Cisco Umbrella Rank: 24707
954 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 836
r.turn.com — Cisco Umbrella Rank: 3376
869 B
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 172231
940 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 329
67 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
9 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
34 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 444
59 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5558
482 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 265
586 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 175567
303 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 687
536 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
573 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 657
340 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
33 KB
1 adx.io
d.adx.io — Cisco Umbrella Rank: 278292
656 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 555
5 KB
1 alphaloan.co
blog.alphaloan.co
274 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
141 KB
1 racingcharger.tw
img.racingcharger.tw
184 KB
1 creditcards.com.tw
creditcards.com.tw
58 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3432
45 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5553
1 MB
1 re-news.tw
storage.re-news.tw
5 KB
410 51
Domain Requested by
39 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
googleads.g.doubleclick.net
www.googletagservices.com
33 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
googleads.g.doubleclick.net
pagead2.googlesyndication.com
33 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
28 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
22 ccm.holmesmind.com reurl.cc
cdn.holmesmind.com
22 cm.g.doubleclick.net 7 redirects eus.rubiconproject.com
reurl.cc
googleads.g.doubleclick.net
19 img.scupio.com reurl.cc
img.scupio.com
rec.scupio.com
14 ad2.apx.appier.net 7 redirects reurl.cc
12 static.criteo.net cdn.holmesmind.com
reurl.cc
static.criteo.net
img.scupio.com
11 cdn.aralego.net reurl.cc
agent.aralego.com
ads.aralego.com
10 sync.aralego.com ads.aralego.com
reurl.cc
img.scupio.com
10 bidder.criteo.com img.scupio.com
static.criteo.net
9 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
8 gum.criteo.com 4 redirects static.criteo.net
8 www.google.com reurl.cc
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
7 ads.aralego.com 3 redirects agent.aralego.com
ads.aralego.com
7 gocm.c.appier.net 7 redirects
7 ad.holmesmind.com cdn.holmesmind.com
img.scupio.com
6 mug.criteo.com reurl.cc
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 adservice.google.co.jp securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 token.rubiconproject.com 4 redirects eus.rubiconproject.com
6 prebid-asia.creativecdn.com img.scupio.com
cdn.holmesmind.com
6 c.holmesmind.com 1 redirects cdn.holmesmind.com
reurl.cc
6 bw.scupio.com img.scupio.com
ajax.googleapis.com
eus.rubiconproject.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 fp.holmesmind.com cdn.holmesmind.com
5 adcdn.holmesmind.com cdn.holmesmind.com
5 reurl.cc 1 redirects reurl.cc
4 match.adsrvr.org 4 redirects
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 s.yimg.com ad.sitemaji.com
s.yimg.com
reurl.cc
3 c1.adform.net 3 redirects
3 pm.w55c.net 3 redirects
3 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 rec.scupio.com 1 redirects img.scupio.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
3 ad.sitemaji.com reurl.cc
ad.sitemaji.com
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 cms.quantserve.com googleads.g.doubleclick.net
2 rtb2-useast.torchad.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 pixel-apac.rubiconproject.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 m.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 prebid.scupio.com img.scupio.com
cdn.holmesmind.com
2 hb.aralego.com img.scupio.com
2 ads.yap.yahoo.com s.yimg.com
reurl.cc
2 ajax.googleapis.com img.scupio.com
2 www.facebook.com reurl.cc
2 connect.facebook.net reurl.cc
connect.facebook.net
2 cdn.jsdelivr.net reurl.cc
1 s.tribalfusion.com googleads.g.doubleclick.net
1 dsp.adkernel.com 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 v9999.adv.admeme.net 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 r.turn.com reurl.cc
1 ad.turn.com 1 redirects
1 8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.yahoo.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 code.jquery.com rec.scupio.com
1 d.adx.io reurl.cc
1 tp2.beap.gemini.yahoo.com reurl.cc
1 www.google.co.jp reurl.cc
1 static.xx.fbcdn.net www.facebook.com
1 geo.yahoo.com reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
1 blog.alphaloan.co reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 agent.aralego.com 1 redirects
1 storage.re-news.tw reurl.cc
1 storage.reurl.cc reurl.cc
0 fcm.holmesmind.com Failed cdn.holmesmind.com
410 88

This site contains links to these domains. Also see Links.

Domain
youtils.cc
re-news.tw
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2022-05-25 -
2022-08-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2022-05-06 -
2022-08-04		 3 months crt.sh
feebee.com.tw
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-27 -
2022-06-25		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2022-05-04 -
2022-08-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-30 -
2022-10-27		 6 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
tls.automattic.com
R3		 2022-05-18 -
2022-08-16		 3 months crt.sh
*.gbyhn.com.tw
E1		 2022-06-06 -
2022-09-04		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-13 -
2022-08-03		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
m.yap.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-02 -
2022-08-03		 5 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-11 -
2022-08-10		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2021-11-29 -
2022-12-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.beap.gemini.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-05-10 -
2022-11-02		 6 months crt.sh
adx.io
Amazon		 2022-03-03 -
2023-03-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 67 frames:

Primary Page: https://reurl.cc/g2emzn
Frame ID: F616BB2FD5FC247A8EE022CDF97DD229
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 0CBB1310E4DCA634E3C32DC0FA56C1B5
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: E3CB99CEE6A2046A3C4D9CE119466058
Requests: 12 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.62
Frame ID: C0AB8E06E92864140C43D932F9171834
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.62
Frame ID: 35F75D759B7BB5B1B6E8221BE0CBBB58
Requests: 15 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 2031754BA9C8AEE80191F9F6E8A246B0
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 41BFA0B8F221E2C63FCE5E927DE07900
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 50748AF4A47BBAE3773209AE9B57B18D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: F6ADB81E6572A71F85BBFDC2EFA35DC9
Requests: 25 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 5B6B7391F8C131E5CA5C9083EF0CD3EF
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Frame ID: 8BF7C041817A4F7E63AEBA11D503C739
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Frame ID: 2177AEE9FC742E0C0AFC9CE2C601B606
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Frame ID: DF8D721C89F9AC19985C1F7F610E3CA8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Frame ID: D5641A0D321C88082F96DF184A959C09
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 9DA492B77C99D8DADD8EAED4814F895D
Requests: 13 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 27304E3219BD6716145883839AE7301D
Requests: 13 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 56F0DBA6A693EE2F31B76C1DE5167CBD
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: DDC3B4C6A9CAED08C6DF411E0C27E842
Requests: 18 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 09DB00BEDFBD84FD95C39D6E5E2BF8C3
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4E9CAD6FDC2B9FC5FD63E74BA23D0C8D
Requests: 21 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 523F90E59CD93A5A6360899CBB4D8C8D
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: A0A70FDB807808BB6D2CE27B61446506
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Frame ID: 9A6DBBCBB896BE6483F43E614242CE59
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Frame ID: 7D7AB370E738DB0675D5E97B89D4A180
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D499E7F896BD790A3914ABFEA2FDC478
Requests: 9 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 984EB6020D71AADE67778C7204EDBF42
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2F6F84E4AB3FCE96E7775A6ED752A179
Requests: 8 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 95A1C91C9A6052A386977E44BC36B68A
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENiWB8HYFLHv60xAIgy3EKQ&google_cver=1&google_ula=3918219,0
Frame ID: 391EBFAF1D47644F188963EE6E6B80FA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: AF3363EB7670BB679CBC1B8B59797244
Requests: 12 HTTP requests in this frame

Frame: https://721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 06DF27D4AF4979835EEC644C8E17F528
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Frame ID: 0CF5804F22F7C9CD275B658326697FAE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Frame ID: F67FC11BF0F0CAB28DF05F11EC5DD959
Requests: 5 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 1C67343BF9B0F2BF8B54D43655D336DA
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 9DAB3C272B853E9545220A1134EE693E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: C94A39DCBD5FFBA77AA345840A412919
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Frame ID: E6FE23F15475189095EFD8C120419447
Requests: 12 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: D9EE99DA949C765A00B80C0181D087AC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CBA2022061800072769472
Frame ID: BEAEE13C72B4F41415586513C93D02A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 981446570563DE1C162194B8DD90CA66
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 79E09BA2A68E8F028286EAD9C097BF4A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6DD4F572119D0A07DC86390CCFBD78A8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CAB11358DD8C3A7828238589DD155FF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B390ECDE81232A840853098254DE2AB7
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F8C0CF8E5E6A9E4B3CB61EEE89260017
Requests: 9 HTTP requests in this frame

Frame: https://3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: EE9BE09DE14D1740EE0C3CE82CF54125
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E28045608699717EBE46CAF059D9094F
Requests: 8 HTTP requests in this frame

Frame: https://8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 00D3F8C979E854CB8CC56B95112C3980
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7021F974ACB74C7EE72C0D40AB63C22E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D67256E261767ECEE6766A2144CA4A65
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Frame ID: 82864E7EA09E8A986E7EA153EC393F27
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 680A2840F95FAE11FEF9EA6E434FBDC1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5A497DE2F41BBA1EEE47CF2F803F843
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A1F216ABFCE45C3C511D3F916915129
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF84B5736DE2039E7B8BFE117BE5DA51
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Frame ID: A0DBFCD3043680820634189881F53A31
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ADBF95E838ED80E10F9CA9BD8303E691
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C331B711BF8E20346197AD8040EF197
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Frame ID: C475078DAD15D76B9BE8A9D5402AFEBD
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB6BB6880882082FB4270036E4E6FAE5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F8EA2EAF834AC30AEFD102680C5D4217
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Frame ID: DE006ADE0962EAAFD802F928277C0EC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Frame ID: 17C582F052AC2E62BC12B2DDEDDAD443
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E58B00BDA3C767E5A2D222CF7B3DFD8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E74973F4E063E01EE4EF512152329068
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BAA22F079FC9C656FDF5F8101F250455
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F82AA3BF128ADA3E9983AAC59CC2F4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

  1. http://reurl.cc/g2emzn HTTP 301
    https://reurl.cc/g2emzn Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

410
Requests

89 %
HTTPS

43 %
IPv6

51
Domains

88
Subdomains

65
IPs

9
Countries

4821 kB
Transfer

9076 kB
Size

58
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/g2emzn HTTP 301
    https://reurl.cc/g2emzn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 43
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 77
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=mJ30wjN3CoWTNnlgvqasYg
Request Chain 78
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Request Chain 79
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=q2Bt2zYNCWKLkxgWvqasYg
Request Chain 80
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Czy7zXiC0etMgw9vqasYg
Request Chain 111
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESELS3PdKzmiPoQgwD2v5q9u8&google_cver=1
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESENnoEePNolwYAEfXzBhgyuc&google_cver=1
Request Chain 151
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Request Chain 154
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Request Chain 156
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Request Chain 203
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0JBMjAyMjA2MTgwMDA3Mjc2OTQ3Mg%3d%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENiWB8HYFLHv60xAIgy3EKQ&google_cver=1&google_ula=3918219,0
Request Chain 210
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 227
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 228
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 257
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 260
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tVCGjHx5YmhvMnJ2bGVSZ29tVkphZFVjaVFqMC9paFgxbUhCY3NDeVViU2JpYnArNm1TOWRLTWw3VHA2V2l4bG5lYzRzMnN6V3lKaU9uT01TVHU5ajNRcU5mOE9oNnFqOVZGVWJ6RlVXb1FFWTVSUG9ldHFva1dnRVZJcFFJODA0SEh3QzVZd1lQbVo0WGxnSUl2YTZYU0ZRU2N2WHlKSFpKd09nTUY5cUlzRm5NeUltYXh5ZVNna3NpM2NUaHRhUjNiS0tZdisrVHZIWm0xUGN6UXpjSENDSEpGTFQ0RkxmVVFwVjhvc0RMM1JFV3N1TmFKUFovdzVYemF4NmdCUjFKVWdUTjhBb2I0Uzd2UVQ3MVozYk4yME4vZCt6ZG16RG5rbU5lREdobmJ4d0xOcz18&cppv=2
Request Chain 265
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=zTs_VHxFMTVub3A5YU5LZS9kNHhlOG9TZStGV01RYmR5Vk5KK29nL1dzRzBmN0ZtQmhqVmhLaXkzT2NNUDg3dFB5RlQwYzlTR1NMQzdZQ2RreGkxYlk5ZGtFeW5tS0dSbHhCcDV0UVZCVzZrS3laMG5CdlZlVjFoemtTQnlGcTdzcnRvU1YreTRmcm5HYkRJSGNTRCt1NlV2cHJmNGRpWFJOTlZzV2F4TXdnbndya2hkYXYxdVd4aU9idHdUWU1jUTFhUUk1M2RjZXRkMDlrNzUvL3Y3NHVUVEpmRW52RHV6bVY3eW4wNlVqeXVQZ2M4SmV5clVqbUF1VGszREdKcmVnakZqaEV2cGRKelZnTlFSSHBUUUlRaEpTZEljVk5jaVlOTVM2bFVRa0FIUlRBRT18&cppv=2
Request Chain 269
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L4IN9NR0-1B-6D4G HTTP 302
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NR0-1B-6D4G
Request Chain 277
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/a97sY4rWeA9vamoxi0Q-WA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4381911674392346355
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDY6i3ylcltUzz7PRKHlVU&google_cver=1
Request Chain 280
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTMxYmIyNGRiODE5MWFkNDAwZGVlMmM4YmQ0YTRiNmEwOTIwMzNkYQ
Request Chain 281
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IN9NU3-1Q-QU
Request Chain 282
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IN9NU3-1Q-QU&sigv=1&esig=2~749046969095c191e14423fdf31aa11bf4cb3686
Request Chain 283
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dae57b52-d5d7-4869-aa3e-8bb8f7638a71&gdpr=0&gdpr_consent=&expires=30
Request Chain 284
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s1Sx85KaSQulSX0n0CXvGA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s1Sx85KaSQulSX0n0CXvGA
Request Chain 285
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L4IN9NU3-1Q-QU HTTP 302
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NU3-1Q-QU
Request Chain 314
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHHpgxExJXuJ1meGPPYH4u4&google_cver=1&google_push=ARnp8GDNhfDLVja_iEXsV_rgtK3r53AAfJB_p_OAK8XZLwJeDYhYRwIvAdfXzsr1reanUU9Njyiq1EigOcZDO-gifVNdbfZJtceI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc4ODA1MjkzNjg5ODkwNjU1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHHpgxExJXuJ1meGPPYH4u4&google_cver=1
Request Chain 315
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKmJUUIhPfTaDYPzyoUwgfc&google_cver=1&google_push=ARnp8GCpX05SaFFX_rBenZr1li93kmq9v-Sb2daEx1PwiWlA14Hpmk-17ISop5IDPqEtxfmlr1F_TgSh7v9JejvsWfHAmd3uoHOp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKmJUUIhPfTaDYPzyoUwgfc&google_push=ARnp8GCpX05SaFFX_rBenZr1li93kmq9v-Sb2daEx1PwiWlA14Hpmk-17ISop5IDPqEtxfmlr1F_TgSh7v9JejvsWfHAmd3uoHOp
Request Chain 316
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEEEdNdPbHUL2rI2U55wTNz0&google_cver=1&google_push=ARnp8GBWJdqmfgw99z0HUtUx6LTJ_Tf-I8PFDYtWUngIzCFNxej9Mn7h5lTPsjOUx4ho5WfMWeLSwRLMIwOWpXEV3N42MpNqbRXy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ARnp8GBWJdqmfgw99z0HUtUx6LTJ_Tf-I8PFDYtWUngIzCFNxej9Mn7h5lTPsjOUx4ho5WfMWeLSwRLMIwOWpXEV3N42MpNqbRXy
Request Chain 317
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMdqWLO5X_c1q02LWIcsxKg&google_cver=1&google_push=ARnp8GC2x5TgPrWS1rnwgAOJZcqsy9XWMiv-JUEtZZcBYbK-PwRPR4K0jCMMYtZDP2Y9Yv7Gq4ze1kWTfhpgODOcVVy-Ng1dyQGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GC2x5TgPrWS1rnwgAOJZcqsy9XWMiv-JUEtZZcBYbK-PwRPR4K0jCMMYtZDP2Y9Yv7Gq4ze1kWTfhpgODOcVVy-Ng1dyQGw&google_hm=NDM4MTkxMTY3NDM5MjM0NjM1NQ%3D%3D
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKMxhhTdfLYe-dMbIlkXHos&google_cver=1&google_push=ARnp8GBR8skujJdkqmQx6zW0Qqfw_xeaBAGHtlNqr55LikAO3ao_ra_MwFMWs7D6iAHymtBLAJAqIuCLfT6UaqmaSPvb18BHvsU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJTjlOUjAtMUItNkQ0Rw==&google_push=ARnp8GBR8skujJdkqmQx6zW0Qqfw_xeaBAGHtlNqr55LikAO3ao_ra_MwFMWs7D6iAHymtBLAJAqIuCLfT6UaqmaSPvb18BHvsU
Request Chain 320
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESELtjCI-OJ_lgLxofcnp0Dh0&google_cver=1&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9HHko4QT7nvEGhlmkE HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESELtjCI-OJ_lgLxofcnp0Dh0%26google_cver%3D1%26google_push%3DARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9HHko4QT7nvEGhlmkE HTTP 302
  • https://rtb2-useast.torchad.com/sync?adkuid=A4271139033187229400&exchange=309&google_gid=CAESELtjCI-OJ_lgLxofcnp0Dh0&google_cver=1&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9HHko4QT7nvEGhlmkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTQyNzExMzkwMzMxODcyMjk0MDA&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9HHko4QT7nvEGhlmkE
Request Chain 363
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GA89x7Em3KIz257ABKJiUTj6iZQgv6alDVcOKtE8Ubo0QcBS0Mjosfs1xMXUs2q_vWniE7-ZJGkdRFzsuzz3LU9BF1JIQQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GA89x7Em3KIz257ABKJiUTj6iZQgv6alDVcOKtE8Ubo0QcBS0Mjosfs1xMXUs2q_vWniE7-ZJGkdRFzsuzz3LU9BF1JIQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GA89x7Em3KIz257ABKJiUTj6iZQgv6alDVcOKtE8Ubo0QcBS0Mjosfs1xMXUs2q_vWniE7-ZJGkdRFzsuzz3LU9BF1JIQQ
Request Chain 364
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 365
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELJ_r-tBf59ur1Hpqh-VYQc&google_cver=1&google_push=ARnp8GASYR41xwhkau9id48-NgdTwPY1uwkwdXJROf7Jcsc11N4c8F_WUaEZNVHIIRNQYvNOA71HZctjJRrmwqQQSRW_NrdqhgY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
Request Chain 366
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJs5BKiujAvC3GAtg2S1ZtE&google_cver=1&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0U3hjOIS0IzHHx1s3Ez0qQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJs5BKiujAvC3GAtg2S1ZtE&google_cver=1&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0U3hjOIS0IzHHx1s3Ez0qQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0U3hjOIS0IzHHx1s3Ez0qQ
Request Chain 384
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GCCfRCRKX-mBm51Wn1RX5KG1KHDKZo7oQ1tFsifkXKjdpd_PfCnaf3RyKFxYod_7-3-6A1T1TDWtgMj7bKEfYxVGcDJwuJwLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GCCfRCRKX-mBm51Wn1RX5KG1KHDKZo7oQ1tFsifkXKjdpd_PfCnaf3RyKFxYod_7-3-6A1T1TDWtgMj7bKEfYxVGcDJwuJwLA
Request Chain 386
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELJ_r-tBf59ur1Hpqh-VYQc&google_cver=1&google_push=ARnp8GDaO-KXMJeSQK0EQw_r5Qus_VgxZdlCcyRIIIz6U9WMfsNXgDRtjlRH4ThIzKqb6zRKjF9UQw8KmwmP9ViiVUK4yoN3Gsemhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
Request Chain 387
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJs5BKiujAvC3GAtg2S1ZtE&google_cver=1&google_push=ARnp8GAqPNQomZZPCq5TK8qmMq1-jOnhHZamjCCp3k_sh7XtKU8OgcTKb6F7JCDssjnJyKZJW9VbhBHp7ZjeOkDqMWzSg_DgHgx4dA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GAqPNQomZZPCq5TK8qmMq1-jOnhHZamjCCp3k_sh7XtKU8OgcTKb6F7JCDssjnJyKZJW9VbhBHp7ZjeOkDqMWzSg_DgHgx4dA
Request Chain 408
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=OpOfzXxpRVRlR3VSR2NKRFVXK2tYcWRibFRUMGYwaDVuVDN3SkI5V0I4ZDNxaFpiMXB1QXkzd0VJTFFEb3lJejRhamFkRmNHbjJ6TEJqL1h6c3VyMjY3VGMwWHdFZ3ZpNDlhcmxob0pZTEUwNE0xbXBHTjM1ckttazBETmI1bHhlMFdHcE1YNW5HY0dmVllKWmIrYW12Nko4aEg4Z1g0cGpzZjNOOThMQy8xSWdsOHErYXFpVlZ5U0lzdXY5SFRqQjFBTEdWZ1Q0cElrVloyMTM3aWxuYy84ZXJ4dkFUck5Qc0pSN25LNUVtaGZRVWM0UU5xcFI4TDNzM2tubzY0QmdkbEcvelYycHExbXQ4RGtvWEV6bmk0Z2pURjE4bGVUNDd0UzBTTloxVE51VEdqST18&cppv=2
Request Chain 415
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=epaF43x5YmE3c1FxTDRBM1pqaFVYUVVtb0F3a2FyTk9JaTF4Tk9yZGlNWUh4NTJVSUdkaXFNaEJzZ0tPU2pwSlJNSXMwK1lWbzRhWEZtNVhxYTIzQllJaTV2ZzB5VU5BQXVHdktLQU83MjIwOTFFY3hpQkF4TGEyZXZ5TFpXN0dpZzkvbThSTjBTSjVvSGN5elVrL3dHNjdmRTZ5V1ZuQ3cwaEFneFliMnJsMVdGaTZUY1NFajFMUGU2T043UGRKMTdYcmpCL3V2U1QzTUwzKzFCYk81akEwV0hZRlU2Y2JmNkJVNkt2MVhEcnhXMUZCdHNGVG82MmVGUEFDcGxnZEtWVk9XZW5rODNuMlpYRjFJUm5VN2pHdlYwUjRmcSsvenNpL0lZeXlDdjAzbHNpWT18&cppv=2

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request g2emzn
reurl.cc/
Redirect Chain
  • http://reurl.cc/g2emzn
  • https://reurl.cc/g2emzn
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
47d92c8e587564fea7a58a22e3e8401d777acd4c45fca730aca148ca1fa0d43d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Fri, 17 Jun 2022 16:07:26 GMT
Location
https://reurl.cc/g2emzn
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7627501
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19134-FRA, cache-tyo11924-TYO
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qcv03PVU2eiHsOADGB1Vt4Qe%2FHtNezOnzE9xbz6Aa8WN1VPW%2Fmf0rG12%2BDGGsiEdyw5FKRvqWBi1OzTa%2BLEN7tO4ZVLjNpKV1jlgjKb9DPR4q%2Bic%2F7ViQLJLAmOR%2BVl6cbNehLpsTi4p%2FKXPFQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
71cd09c53ae380f6-NRT
style.css
storage.reurl.cc/stylesheets/rwd/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:35:42 GMT
via
1.1 google
last-modified
Thu, 05 May 2022 00:38:33 GMT
age
9104
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=28800
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1091
pixel.js
reurl.cc/javascripts/ 		470 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/g2emzn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-1d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 17 Jun 2023 16:07:26 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.6.11/dist/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.6.11/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2459574
x-jsd-version
2.6.11
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19121-FRA, cache-itm18824-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUvPiSM%2Be3vnxpxdxK1OHHcJ6nKdOKPrADFcJtYt7vg%2Fvqy%2F0K%2BP%2F57PyyCbrIDysnfPQZPBQ88iQ7el4QzeUgIfVffV9csE8%2FdIdyOYcr4vRUzOkvep3hqBQ5xPEtSqqvhV%2BH1gzMgdEX908GY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
71cd09c53ae480f6-NRT
access-control-expose-headers
*
renews.js
reurl.cc/javascripts/ 		698 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/g2emzn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 00:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62731c89-2ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 17 Jun 2023 16:07:26 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:25:13 GMT
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
31333
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Sat, 18 Jun 2022 07:25:13 GMT
ad.js
img.scupio.com/js/ 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
36636efc3cf08e080d1af975d786696ced3faa0a26698e342273a59c7fb6fce5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:05:08 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 03:40:27 GMT
server
nginx/1.12.1
age
139
etag
W/"62aaa62b-125a0"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
PJmjb49c1FV1DvQiqRF0IqFR-qNQiHseTR4IZ5PXld1QKy7ViseV8A==
expires
Fri, 17 Jun 2022 16:20:07 GMT
init.js
cdn.holmesmind.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
28
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
kkzmm5vPUYsVUiNFsnJEwWoGuq4RIHpm2IDslJgZEwXKVD3_-nsghw==
ga2.js
reurl.cc/javascripts/ 		618 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/g2emzn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 12:16:16 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"623c6110-26a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 17 Jun 2023 16:07:26 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
8aD2dJFGKMPq8ByT8dsfQGC1XoLxn8Gd+w29dM/Bu29WqBb0KYiVPB7UH/p69YaThHt0k9sSZlSZwvWS0RWobg==
x-fb-trip-id
382461245
x-frame-options
DENY
date
Fri, 17 Jun 2022 16:07:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
feeds
storage.re-news.tw/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
49208d22ed999fd361d3061398d38da0b539ea359a74ed244750fabc39b9aa0a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
etag
W/"1513-ePa5i/lNK7qya01Ry9s8d00hsAs"
x-powered-by
Express
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5395
page.php
www.facebook.com/plugins/ Frame 0CBB 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a2f169c0118db161e991c2ffca1d9462c96d79bef4154f793e810c6f2fc73d8
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 17 Jun 2022 16:07:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
eurWOxBupwtL9YkgJTvoV9xGGP8qlMq81sGRB3oiriIF7Z3Hz9KqqrX70oFxCY4GtBlNLZ4y+CH/codgrDiejQ==
x-fb-rlafr
0
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1688
date
Fri, 17 Jun 2022 15:39:18 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 17 Jun 2022 17:39:18 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame E3CB 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:16:05 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 10:21:02 GMT
server
nginx/1.12.1 (Ubuntu)
age
31881
etag
W/"5d67a70e-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5256
expires
Sat, 18 Jun 2022 07:16:05 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43274
last-modified
Thu, 10 Feb 2022 09:34:53 GMT
server
cloudflare
etag
"6204dc3d-a90a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQNiyfMr55%2BtmfOqJPPREvfqdihdNm3XBtc5sZFcHx%2BOre6wjdEUn6ng0HN04QXMTFDwv3h5LxK5zeG0rmLjrQFnoyggfh2jKIi76YUArhnUdCkSCOmfk5SY7caZ3KrcFan%2FFV9q6BuILruCQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
71cd09c78e8d8a81-NRT

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
17229.json
img.scupio.com/js/config/ 		461 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
4733409211a7a3d3d490f107d6e5b846263c9a8697a10b288f49230422b41860

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:04:28 GMT
via
1.1 d21801cab7ccaa4ff7de3d7b9e37921e.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jun 2022 02:20:45 GMT
server
nginx/1.12.1
age
200
etag
"62abe4fd-1cd"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
461
x-amz-cf-id
dpfDx0I-OzFWnRqhHgtTMUI0wUFV4ok-WzNpiXC9-rRssmTS_hbw5g==
expires
Fri, 17 Jun 2022 19:04:06 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.287044835528923
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 17 Jun 2022 16:07:25 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame C0AB 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.62
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a84e18f7c6d146ce37634fb2c239ec05ee278cadcc1daec3372b993c61bdab33

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
2545
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 15:25:01 GMT
etag
W/"62a7f749-14b4a"
expires
Sun, 17 Jul 2022 15:25:01 GMT
last-modified
Tue, 14 Jun 2022 02:49:45 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
x-amz-cf-id
U67JM3rr7O7Yeh_zW2vR1DTud2qzE4ESgebm5s-mOWX11yjbEHLysw==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/ 		461 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
5b5c859910a0da0b091abe462b45e0d31b6a54a4c73b3097bb2de2f3ebc4ba10

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:07:25 GMT
via
1.1 d21801cab7ccaa4ff7de3d7b9e37921e.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jun 2022 02:20:45 GMT
server
nginx/1.12.1
age
13
etag
"62abe4fd-1cd"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
461
x-amz-cf-id
YKZtrQ45fZ89Nx8nDY3aFU8q7MWVy625v2vqFaHs9I8kdYr5stTOsA==
expires
Fri, 17 Jun 2022 19:07:13 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.9371895134060302
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 17 Jun 2022 16:07:26 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame 35F7 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.62
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a84e18f7c6d146ce37634fb2c239ec05ee278cadcc1daec3372b993c61bdab33

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
2545
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 15:25:01 GMT
etag
W/"62a7f749-14b4a"
expires
Sun, 17 Jul 2022 15:25:01 GMT
last-modified
Tue, 14 Jun 2022 02:49:45 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
x-amz-cf-id
zls1ZBTLFWTa2rXZ8NsopMKgiKpuPb_GzlilWMGqjPTXDV0-ENnEbg==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
1675200226052423
connect.facebook.net/signals/config/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49547399d2369e256e4a382cc86160c97c12e7a0a424909c0e5c6e2054a9b6fb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7288
x-xss-protection
0
pragma
public
x-fb-debug
QuoDSnYvmCGhcgat1fl2Dp2ZoHnVmHwUG6bzcp0XwTaxoUcuUYk17yiYda9vGd/V1gps/1xgvjqjpSrhrOwevg==
x-frame-options
DENY
date
Fri, 17 Jun 2022 16:07:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c4:5200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 10:34:07 GMT
via
1.1 04ba777c63c6b23a364cd79bc73abdd0.cloudfront.net (CloudFront)
server
openresty/1.19.9.1
age
19999
wix-tracer
2AhVxCoHv3gq5NC9LIYig9W1VVw
etag
"cd5e1f4e0d0b2c0eef1efd5f48483c26"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
x-amz-cf-pop
NRT57-C2
timing-allow-origin
*
content-length
1235774
x-amz-cf-id
WAwg9Zk-92h2vqO4d48-__Ir12sFGVqRwW3wv0GATwFF5yjRfVm_Dw==
x-seen-by
image-manipulator-86657bdb68-sv5hw
1653215412-S__67641348.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/05/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/05/1653215412-S__67641348.jpg?fit=767%2C555&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3c5dd02cd4b4e5889f6b3efe5faccfbae53695ff00ba9c6df48a41e03a018348
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-nc
HIT nrt 3
date
Fri, 17 Jun 2022 16:07:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Jun 2022 08:07:27 GMT
server
nginx
etag
"7822d5847d87d010"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/05/1653215412-S__67641348.jpg>; rel="canonical"
content-length
45930
expires
Sun, 16 Jun 2024 20:07:27 GMT
2022-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/01/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2022/01/2022-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
00629ef727c6c2f00185d9f431d757ffe961a78ec9296f04bde3245b0e56ecf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
x-ac
3.nrt _atomic_bur
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-length
58804
x-nc
HIT bur 1
last-modified
Thu, 03 Feb 2022 15:18:40 GMT
server
nginx
etag
"94c8191a1b717f18"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sun, 04 Feb 2024 03:18:40 GMT
2022051801313495.jpg
img.racingcharger.tw/wp-content/uploads/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022051801313495.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:43a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ace3000c230275163af5eb27c262bc3788baa569bd5f4ebf8acdbc9b368650

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
cf-cache-status
HIT
last-modified
Wed, 18 May 2022 01:31:41 GMT
server
cloudflare
age
14699
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJzQBUoIF2fa604YZHZIJm9%2F0NYAILNiMzhvGVTdTVQ011OBGiMZWs5aQFTc0RnH6jUY7CLnNeDX8rmKcVDnp1YTswQQA%2BbugpCNyiOcMsn%2Fy27eq49iQ7oHNCMQd%2FzKYyM9NUT3LUVaHtmJ4N2V9lYEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
71cd09c62f911f2f-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
187919
1655420824-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2022/06/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2022/06/1655420824-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e9505934fb894a88dbea3297bd5273091adf2aa3d4c42d7b6552a18707c21a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60483
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
143942
last-modified
Thu, 16 Jun 2022 23:07:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDNzKyUKySeVHTJ7Dvu%2FWEU9Qa0EOWl1rJZTOEqNTyr3U%2FLrPEonQQ%2FR2Q7XRJKREcpXkOuhBazQ4z%2F5qJqeBarNJnLM6W2vfsNEtmmX2Qco1hV%2FbYeBojo957CAQyXFFelgmqVrZzLE5zceFE0z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71cd09c62df78a50-NRT
expires
Thu, 23 Jun 2022 23:09:01 GMT
%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B69.png
blog.alphaloan.co/wp-content/uploads/2022/06/ 		274 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/06/%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B69.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9507c82f63728034db45af7acd453276bfa6185dc77051a1c9ba4e832768decf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
x-ac
3.nrt _atomic_bur
last-modified
Tue, 07 Jun 2022 02:54:43 GMT
server
nginx
etag
"629ebdf3-4474e"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
280398
expires
Fri, 24 Jun 2022 16:07:26 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 2031 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
29
content-length
3044
content-type
text/html
date
Fri, 17 Jun 2022 16:06:58 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
x-amz-cf-id
VQ1NPBufbBF_tfnveqwYUphtQ6yb0x6Ab6JIekg0ZAUmsQY3GMWpew==
x-amz-cf-pop
NRT57-C1
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ 		662 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
3
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:24 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
S1MEGVOV-FOdmlDW890yeBkRHnVpkrEUA-KMjxiO9XAOhrtrpLwAiQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 41BF 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
24
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:03 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
A5MXq40JuBwMAI2E7NRk0CFVPR8MoVW9KMwb4dQy-q87-jfaPccCZA==
presetfn.js
cdn.holmesmind.com/js/ Frame 5074 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
24
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:03 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
wQCWCyfjqj3K9MJv5yIdPd4ESr3wIa50MprAwQYP62hizl0gj1cncw==
presetfn.js
cdn.holmesmind.com/js/ Frame F6AD 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
24
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:03 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
8k1bZemqcmCcIVZAyh5sel6Vk0LmdpLAsOaLPKVZtcqa1D3UTcR_UA==
native.js
s.yimg.com/dy/ads/ Frame E3CB 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 15:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
YHGY9VK0FP0M2VZY
x-amz-id-2
pt+DmPaKi4cid9gBuB8W1+iJWxCgfWw5nD8qQ1qzQDM+1+idzDNKb3e0gvrYZru4jMbLS7ZvG18=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=600
accept-ranges
bytes
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame C0AB 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 03:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 03:46:01 GMT
prebid.js
img.scupio.com/js/ Frame C0AB 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:05:08 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 04:15:06 GMT
server
nginx/1.12.1
age
139
etag
W/"625f88ca-3b04e"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
ZJyYGAOjNfyaDY6jyVK6AO5CjfR_ga-upR2RHKK8nVZwBB7DFaZoTg==
expires
Sun, 17 Jul 2022 16:05:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 35F7 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 03:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 03:46:01 GMT
prebid.js
img.scupio.com/js/ Frame 35F7 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:05:08 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 04:15:06 GMT
server
nginx/1.12.1
age
139
etag
W/"625f88ca-3b04e"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
7P1wkBDaT3pgE4g1aWj11Xg7os2Abpg-vt4iX2R0ygtkDKtxu_MzlQ==
expires
Sun, 17 Jul 2022 16:05:07 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=880442715&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fg2emzn&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1824837083&gjid=522534799&cid=786912116.1655482046&tid=UA-102456694-1&_gid=926089554.1655482046&_r=1&_slc=1&z=1829102554
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=880442715&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fg2emzn&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=786912116.1655482046&tid=UA-102456694-1&_gid=926089554.1655482046&z=417769604
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 13:51:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8128
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fg2emzn&rl=&if=false&ts=1655482046496&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655482046495.450889844&it=1655482046408&coo=false&exp=p1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 17 Jun 2022 16:07:26 GMT
cm.php
fcm.holmesmind.com/ Frame 5B6B 		0
0
utag.js
t.ssp.hinet.net/ Frame 2031 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:26 GMT
cm
c.holmesmind.com/ Frame 2031
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 41BF 		575 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13798
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:03:09 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
257
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
Hef6XDewfWCumgELecvt6QPgueCfeq3-ck6CtOA5-Zj3Z3dVrNvSdA==
via
1.1 2c0da8c5f883b1712644227b84998e74.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame 5074 		471 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=12679
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2347e2113a0c6d4f115bcbeb6ae2982be9b2299fb0e333933dd5d7530d63b71e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:03:09 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
257
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
x3DuY9lHD2mbZpSvGZb5AXkxAvfbOkXNN7OQXWoHsMGb1b6q3kdFTw==
via
1.1 2c0da8c5f883b1712644227b84998e74.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame F6AD 		721 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=12678
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
65270abb587a4a940d5e95391923a39c85fe155383bdada55710eba9084f0c24

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:04:29 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
177
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
LPVeebHmhbRMV428-ZNbf2dbhQwEiwgEdP5Se1lBJ3FbXyiWnVAOwQ==
via
1.1 2c0da8c5f883b1712644227b84998e74.cloudfront.net (CloudFront)
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=786912116.1655482046&jid=1824837083&gjid=522534799&_gid=926089554.1655482046&_u=IEBAAEAAAAAAAC~&z=757723069
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 17 Jun 2022 16:07:26 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame E3CB 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2Fg2emzn&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
180.222.102.159 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),
Reverse DNS
media-router-flurry71.prod.media.vip.tp2.yahoo.com
Software
ATS /
Resource Hash
082874b95cc4ebd30b667caeb6f78b8225dfde0dbc845e73c8f900df1f0a4f47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
strict-transport-security
max-age=31536000
b
geo.yahoo.com/ Frame E3CB 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:ec:c38::2001 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:26 GMT
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-type
image/gif
content-length
43
Hq7X--n9goh.css
static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,ja_JP/ Frame 0CBB 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,ja_JP/Hq7X--n9goh.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e96d23570a21ae41a9fe619cd1040aebcdab437456cf7fbd47c86fcdc9614b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2bmBhxmDrDmveHCpMiWjOg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4714
x-fb-rlafr
0
x-fb-debug
aFcQGo7nct/4mWiLY9mptCEnmEaz+2+Ce4UjH0a7h4LQzYlWep8ZiLAEOXTFxxpz05lw6Kftj9ndTcuec9j3ZA==
x-fb-trip-id
382461245
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:53:05 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 41BF 		2 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13798&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=828&o=1&d=1&b=2&ts=1&ii=3&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d529b5d90e70fae0b1bba85143c7a1597386470b10768c06218dcc19c6c0660b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 41BF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
3
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
3G8ZHN_vrB25On5DxcevOa29o5VZ77zKwids-laLETeM60tT64BDEg==
appierV2.js
cdn.holmesmind.com/js/ Frame 41BF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
14
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
QOzFg0jfGGdcQh6ydn89jqtDXayEDD1t3VcQJS36hJPlXuNmXILa3Q==
ads.js
ad.holmesmind.com/adserver/ Frame 5074 		2 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=12679&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=989&o=1&d=1&b=2&ts=1&ii=3&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccacf2032850044551455acc1d8c083604b61957218bf8445957eec32997d201

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ads.js
ad.holmesmind.com/adserver/ Frame F6AD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=12678&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=323&o=1&d=1&b=2&ts=1&ii=3&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cc8e6baca99f4ec168c13266a5e9a3cb77e70f91576357675d9bc609f20a9778

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame F6AD 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
3
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
gCnvuVN1LgGAx9sG8J0I2VSezGpGKXex-29jLpGsY9-TA7gv_P6c-Q==
publishertag.js
static.criteo.net/js/ld/ Frame F6AD 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:07:26 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame F6AD 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
53
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:06:34 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
UdECF1uzx19ejKIlcdm35aKzINmNBx9j2QMWbTuduHlCSH9-pFBlbw==
appierV2.js
cdn.holmesmind.com/js/ Frame F6AD 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
14
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
bOBTJUGEyiZrVn74EHfbmcFDpoCQIJXbzrIZPQ807Iu3jmiHkFIamw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame F6AD 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
34
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:06:53 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
qoEk5mSrbuBMz5eNJ-DKlByyQuG0vDsKvUVfbOryV5Ueooxf195zyA==
currency.json
img.scupio.com/js/config/ Frame C0AB 		108 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
450ec09142b8012915afafc33e1253f5c6abf4f6a95d866065a85be31536557b

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.62
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:06:28 GMT
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jun 2022 19:15:01 GMT
server
nginx/1.12.1
age
59
etag
"62ab8135-6c"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
108
x-amz-cf-id
-MZsL6oQawGsL3oZCPxeyClPBCn0OC5jm4lGPymZLQm97VFkbtqO9w==
expires
Fri, 17 Jun 2022 19:06:27 GMT
currency.json
img.scupio.com/js/config/ Frame 35F7 		108 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
450ec09142b8012915afafc33e1253f5c6abf4f6a95d866065a85be31536557b

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.62
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:06:28 GMT
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jun 2022 19:15:01 GMT
server
nginx/1.12.1
age
59
etag
"62ab8135-6c"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
108
x-amz-cf-id
h6ySkkZfTZM3uG_vjJg0JWoKg14VIxnD1dH8pkwEv1RDZtrb81EsZA==
expires
Fri, 17 Jun 2022 19:06:27 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame C0AB 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 17 Jun 2022 16:07:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
header
hb.aralego.com/ Frame C0AB 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=8f76ebb8-0eae-428b-879a-8f20fe775986&host=img.scupio.com&u=https%3A%2F%2Freurl.cc%2Fg2emzn&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=3b283db6-045a-4d92-9dbf-621102c5db5c&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 17 Jun 2022 16:07:26 GMT
access-control-allow-credentials
true
connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame C0AB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.25920743168050775
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eec2885f3673c133670a3397098ddc5773a3302be966e24a237f7af765eb466c

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
content-length
2067
cdb
bidder.criteo.com/ Frame C0AB 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=18993335990
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame C0AB 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1655482046605&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 35F7 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 17 Jun 2022 16:07:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 35F7 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=30598564711
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame 35F7 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1655482046615&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame 35F7 		0
0
header
hb.aralego.com/ Frame 35F7 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=8f76ebb8-0eae-428b-879a-8f20fe775986&host=img.scupio.com&u=https%3A%2F%2Freurl.cc%2Fg2emzn&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=ed35d417-36d2-4f2f-9158-f4a7a1ec7123&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 17 Jun 2022 16:07:26 GMT
access-control-allow-credentials
true
connection
close
/
t.ssp.hinet.net/ Frame 2031 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a2eb1d8b99f9627d9144ef66506ef6d858162d01f23a3f768a8695241d563ee4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame F6AD 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12678&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=323&o=1&d=1&b=2&ts=1&ii=3&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
14
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
tfb4Y769QwTNxFgnlr_BsPxGP8i4B3nxTVfNjPCChKwzbELUUW4C3g==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 41BF 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame F6AD 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame F6AD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=mJ30wjN3CoWTNnlgvqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=mJ30wjN3CoWTNnlgvqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=mJ30wjN3CoWTNnlgvqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F6AD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F6AD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=q2Bt2zYNCWKLkxgWvqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=q2Bt2zYNCWKLkxgWvqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=q2Bt2zYNCWKLkxgWvqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F6AD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Czy7zXiC0etMgw9vqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Czy7zXiC0etMgw9vqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Czy7zXiC0etMgw9vqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame F6AD 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=58165417678
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame F6AD 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=87771029696
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
drawV2.js
cdn.holmesmind.com/js/ Frame 41BF 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13798&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=828&o=1&d=1&b=2&ts=1&ii=3&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
14
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
WipRdyeL4Wt1ciH7Ub5Vc3k9ILsW9Y48V9qBx6buBTHbr0kRT3vFyA==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=786912116.1655482046&jid=1824837083&_u=IEBAAEAAAAAAAC~&z=233020544
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=786912116.1655482046&jid=1824837083&_u=IEBAAEAAAAAAAC~&z=233020544
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 5074 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12679&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=989&o=1&d=1&b=2&ts=1&ii=3&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
14
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
Spd-GtyDNubKO7J0dTNjmnTo3w4SLB3HnKEFkTckj2MyDGPvZiJguA==
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2003
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYgbagl8Btd8eo94PaJQd16PgBqz02Qbk%2BH%2FuqlkxNBmEhFrF7Ot%2BF0%2F5vSWV3pOfYrYWYoaSLKtbi3qmQQtXjk5QIzkO4dIQA6E%2F1pQAU%2Fjj3VO%2FpEsqjkLQ6S3B1ejg7p2nPhAVwlMUAUXZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
71cd09c7d9861ee2-NRT
cf-bgj
minify
ad_request
ads.aralego.com/ 		0
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fg2emzn&adid=ad-BE7EA7D3B2339BD4077327D9D4B2DA62&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.19364926864893395
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Campaign-Id
10
Sourceapp
123456789
nonce
473b1a16-b4ef-43ad-9591-fcf3aefa82a7
Skadnetwork-Id
testad.skadnetwork
X-Height
90
X-AdStyle
banner
Signature
MEQCIEQlmZRNfYzKBSE8QnhLTIHZZZWCFgZpRqRxHss65KoFAiAJgJKjdrWdkLUOCCjuEx2RmFS7daRzSVZRVZ8RyMyUXg==
Connection
close
X-Width
970
Itunesitem
880047117
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Timestamp
1594406341
Link_Type
app
X-Adtype
html
Access-Control-Allow-Credentials
true
Version
2.0
events
bidder.criteo.com/csm/ Frame F6AD 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame F6AD 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Jun 2023 16:07:26 GMT
pixel.gif
static.criteo.net/images/ Frame F6AD 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Jun 2023 16:07:26 GMT
events
bidder.criteo.com/csm/ Frame F6AD 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:07:25 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
emome2
t.ssp.hinet.net/ Frame 2031 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
M2G62KV2NBNXKBPVHWQN_VFdfU2l0ZXRhZ19yZXVybF83Mjh4OTBfcGNfMjAxOTA2MTg=_1560829586131
s.yimg.com/ys/ Frame E3CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/M2G62KV2NBNXKBPVHWQN_VFdfU2l0ZXRhZ19yZXVybF83Mjh4OTBfcGNfMjAxOTA2MTg=_1560829586131?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
8015ce43c26e3e1e4854a7c2bc17a66aa1daad9425701373176ae4a7ae93a806
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 12:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1396750
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
content-length
831
x-amz-id-2
Abm2ze1AxlgsP/muCMlGi+mymrvH01L+BmS+x55brw7g3DIB0PK+dT2vb8vzO2HkciJp7B4fkCo=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jun 2019 03:46:27 GMT
server
ATS
etag
"71bcbde4506c0d80a1c7b96307b1c563-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
0887JQSWMWPYXMDX
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
bad51090ff6428749c877dd84b29ab8f.png
s.yimg.com/lo/api/res/1.2/Crgg5O._aF1L..oMEiH7FQ--~A/Zmk9Zml0O3c9MTMzO2g9MTA1O3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ Frame E3CB 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/Crgg5O._aF1L..oMEiH7FQ--~A/Zmk9Zml0O3c9MTMzO2g9MTA1O3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/bad51090ff6428749c877dd84b29ab8f.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
97d14380639620ef5bc198e20ed2fa2cafb62cfb343d7b9e88cf294f9155407d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 10:26:20 GMT
x-content-type-options
nosniff
age
1316469
cld_latency
213
edge-cache-tag
370430659775752302253912343460627910738,261858166583457356490051765949444583397,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
MISS
status
200 OK
server
ATS
cld_hits
0
x-cache
MISS
strict-transport-security
max-age=15552000
content-length
4282
x-xss-protection
1; mode=block
cld_by
cache-iad-kjyo7100057-IAD
x-served-by
cache-iad-kjyo7100057-IAD
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Jun 2022 02:16:05 GMT
x-request-id
b63482be3bb0bbc67b0d3b2398474d56
x-timer
S1654165580.087755,VS0,VE213
etag
"3db5166e1ae7e9ea8da5131ec508228e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
370430659775752302253912343460627910738,261858166583457356490051765949444583397,ae7a14591aaf8d474cdb3f92111c923e
cld_id
b63482be3bb0bbc67b0d3b2398474d56
x-cache-hits
0
kiarrow.jpg
ad.sitemaji.com/static/ Frame E3CB 		211 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sitemaji.com/static/kiarrow.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
d2e31a1e3b6873caa1a5d66dba90568ab55b9362d642c2a36847066633d62ff4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:50:19 GMT
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:48:16 GMT
server
nginx/1.12.1 (Ubuntu)
age
29827
etag
"5d0b4850-d3"
content-type
image/jpeg
cache-control
max-age=86400,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
expires
Sat, 18 Jun 2022 07:50:19 GMT
gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame E3CB 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/adbuilder/gemini.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 31 May 2022 12:12:34 GMT
x-content-type-options
nosniff
age
1482893
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=15552000
content-length
3328
x-amz-id-2
jei7uu+avGf49eGP1Y0L+s5Zhyun4uHUUztpv9sVpArv9lOpkEwg9Xb4/u0NefDPZkUXC3J5Ytc=
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Mar 2019 01:45:46 GMT
server
ATS
etag
"99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
B7WD0VQPD0M3PCGH
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
content-type
image/png
truncated
/ Frame E3CB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/gif
landing.php
fp.holmesmind.com/ Frame 8BF7 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 41BF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:26 GMT
landing.php
fp.holmesmind.com/ Frame 2177 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 5074 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:26 GMT
landing.php
fp.holmesmind.com/ Frame DF8D 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:07:26 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame F6AD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:26 GMT
/
t.ssp.hinet.net/ Frame 41BF 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 5074 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame F6AD 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 41BF 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 5074 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame F6AD 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/ Frame D564
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43274
last-modified
Thu, 10 Feb 2022 09:34:53 GMT
server
cloudflare
etag
"6204dc3d-a90a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1YkSBt%2FjNX821pMLaF%2BPrsqNNWM9khpvx21LLirm0nItxHv23BZyX07JPVz2%2F0WUkJzn%2BwXRt%2Fz%2FaoPKrdWtXH3jk1QWvLW4n1gdNkjrUwwSG1IuVV3swZpJz9bWYZFTJM2b7txNE9a1ZvuxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
71cd09ccce2d1ee2-NRT

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
init.js
cdn.holmesmind.com/js/ Frame 9DA4 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
29
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
yt3EvwpI5sxldircLnE5adQpnF869DW8-MrtDnC6eukRDDvaWME5sA==
init.js
cdn.holmesmind.com/js/ Frame 2730 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
29
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
98zjOnXuA7Xf9RDa956H9dl8Ze3Npr_bb9ZaIenxCzyseev2b6IaEg==
cm
t.ssp.hinet.net/ Frame 41BF 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame 41BF 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=50ef57
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame 5074 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 5074 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame F6AD 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame F6AD 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
capmapping.htm
cdn.holmesmind.com/js/ Frame 56F0 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
30
content-length
3044
content-type
text/html
date
Fri, 17 Jun 2022 16:06:58 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
x-amz-cf-id
EIFjeTdzHVs_6wD8jm1bL6SlsIHgIi1LIdYlB97uMk7l0ZiVXqNMeg==
x-amz-cf-pop
NRT57-C1
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 9DA4 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
4
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:24 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
Lnqf_qVp_O2zuKXo3JoendWwmVn3dtfQ2Bfmg2ZuDSGgwUSDYrlbrQ==
presetfn.js
cdn.holmesmind.com/js/ Frame DDC3 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
25
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:03 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
743Pzhh6zY2pUZpmC3q4WB47ydB-ZzglttQukzPa7WjuQ0gIDRb-qA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 09DB 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
30
content-length
3044
content-type
text/html
date
Fri, 17 Jun 2022 16:06:58 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
x-amz-cf-id
cYPuNzQnDqR8Cpq5a-yyL3mNGoSKvoI95IMe1N3vXx-wYb7s0Ycf4g==
x-amz-cf-pop
NRT57-C1
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 2730 		662 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
4
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:24 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
cQ_8CoS6SoxX1vHFiiazIdb-kIE9dr-8NRX2Gm7u7tamqtuUzECmgA==
presetfn.js
cdn.holmesmind.com/js/ Frame 4E9C 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
25
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:03 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
493a0LVs1N9KOCOQU5wuYZMrHoGpzhWcRFo1Jo8vvJI4w9AoDN1E-w==
cm.php
fcm.holmesmind.com/ Frame 523F 		0
0
utag.js
t.ssp.hinet.net/ Frame 56F0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:27 GMT
cm
c.holmesmind.com/ Frame 56F0 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
/
cm.lndata.com/ Frame 56F0 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Content-Type
image/gif
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
google
m.holmesmind.com/ml/ Frame 56F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESELS3PdKzmiPoQgwD2v5q9u8&google_cver=1
0
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESELS3PdKzmiPoQgwD2v5q9u8&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
x-guploader-uploadid
ADPycdsHad5XlCKnA99BvtrVL3hHZbbmW2QRIcDCpPT0qdCPfIwPZ0uz660KZyaLOxrajC6_gHQVIKksV58g9slbSsApBQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Fri, 17 Jun 2022 17:07:27 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESELS3PdKzmiPoQgwD2v5q9u8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame DDC3 		668 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13801
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 15:59:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
479
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
kuec9qVV8zuNg0j7RpTe2FqS28AZOhOaY_wdcpTXBeldyUgGOJ0bqw==
via
1.1 2c0da8c5f883b1712644227b84998e74.cloudfront.net (CloudFront)
cm
c.holmesmind.com/ Frame 09DB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame A0A7 		0
0
utag.js
t.ssp.hinet.net/ Frame 09DB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:27 GMT
/
cm.lndata.com/ Frame 09DB 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Content-Type
image/gif
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
google
m.holmesmind.com/ml/ Frame 09DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESENnoEePNolwYAEfXzBhgyuc&google_cver=1
0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESENnoEePNolwYAEfXzBhgyuc&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
x-guploader-uploadid
ADPycdt2oX32-ChFdX-NEKTUYJO9M4viZlnBAmHE4TqZvk7xnJyY9m4VlYOtxCzyk1kbxWKyQr897GB4g7iS55wJkVM3ppC9qRW0
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Fri, 17 Jun 2022 17:07:27 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&uu_m=undefined&google_gid=CAESENnoEePNolwYAEfXzBhgyuc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 4E9C 		760 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13752
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 15:58:16 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
551
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
r_HVQumTj45VwlDelqYEG8VqFTsCRueVyWLakEwnEHOR3xavsPRRxw==
via
1.1 2c0da8c5f883b1712644227b84998e74.cloudfront.net (CloudFront)
ads.js
ad.holmesmind.com/adserver/ Frame DDC3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13801&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=665&o=1&d=1&b=2&ts=1&ii=2&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a86fb6d51f497e09b74eec51961bd595f5b274d89c2a6062fdb7a310e3109dc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame DDC3 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
4
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
PPy8q1EWC36IPO6uuJabvluugbwD7V9t4L6_Hr4nv3AEIg2Ki8-ARw==
publishertag.js
static.criteo.net/js/ld/ Frame DDC3 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:07:27 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame DDC3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
54
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:06:34 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
4sKStHxlbP-2a2O6rElMe5drk-SPJC9E5NoP2UvxglH_6mIWqvzyJQ==
appierV2.js
cdn.holmesmind.com/js/ Frame DDC3 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
15
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
YqPNgFPDM8aCBWUtKnj1a4iPTRMZ_QIp0MEs7IGT_gVdJH1j0pD5Lw==
ads.js
ad.holmesmind.com/adserver/ Frame 4E9C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13752&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=705&o=1&d=1&b=2&ts=1&ii=2&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44badecd3372f286127a29db7e649744bdaa8107bb35d781e3b639b3e301439d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 4E9C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
4
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:26 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
h0hD4_vDbENfgFN2qPFbAGFLysrGGwUbpzcmQ1XlcCXRJrXoeT7HpA==
publishertag.js
static.criteo.net/js/ld/ Frame 4E9C 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:07:27 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 4E9C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
54
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:06:34 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
wM5ctyLKbp8TD3mW-jnlm23O3PLF_mGbvGaHXvY13_dTqbB3r2PsiA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 4E9C 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
13
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:15 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
H4Lx-LLrAxTLfv7MxgaGthpVqGUdeILs6PlUHaB2MPnJ7UUw7FsfNg==
appierV2.js
cdn.holmesmind.com/js/ Frame 4E9C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
15
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
69VKYoKYVUlfYPxCkzgq9ChYH35fdbEu2WLOf_IKvu3gWnK5Bg-5rg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 4E9C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
35
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:06:53 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
LVLieZduaj-astCNXde0z8VntCZaWHPGDC926wuIjdh-YB2qn6myIQ==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame DDC3 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame DDC3
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4E9C 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 4E9C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8004672498278493
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4965e628910cd80db300c17e9536852cb53d1568c0408dd83abe94089b6eab58

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
content-length
2037
bid
ad2.apx.appier.net/v1/prebid/ Frame 4E9C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame DDC3 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=32513696063
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
ad2.apx.appier.net/v1/prebid/ Frame 4E9C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Img4TYavAbeLdrRfvqasYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
pixel.gif
static.criteo.net/images/ Frame DDC3 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Jun 2023 16:07:27 GMT
pixel.gif
static.criteo.net/images/ Frame DDC3 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Jun 2023 16:07:27 GMT
events
bidder.criteo.com/csm/ Frame DDC3 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame 4E9C 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=2291434535
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Jun 2022 16:07:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame 4E9C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Jun 2023 16:07:27 GMT
pixel.gif
static.criteo.net/images/ Frame 4E9C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Jun 2023 16:07:27 GMT
events
bidder.criteo.com/csm/ Frame 4E9C 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
t.ssp.hinet.net/ Frame 56F0 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 09DB 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame 4E9C 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13752&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=705&o=1&d=1&b=2&ts=1&ii=2&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
15
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
w6Qlpl58p6ir1IPM97rhFbpAahaAhVO6J37emN9mbkQtTJPIuPOqpg==
emome2
t.ssp.hinet.net/ Frame 56F0 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 09DB 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44584%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D43618%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45618%26Tags%3D2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45589%26Tags%3D2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45621%26Tags%3D2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45595%26Tags%3D2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45583%26Tags%3D2364
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45581%26Tags%3D2364
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 2730 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44624%26Tags%3D2010%2C2009%2C2004%2C2003%2C2002%2C2501%2C2502%2C2510%2C2539%2C2628%2C2592%2C2133%2C2306%2C2921
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
drawV2.js
cdn.holmesmind.com/js/ Frame DDC3 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13801&rf=https%3A%2F%2Freurl.cc%2Fg2emzn&n=665&o=1&d=1&b=2&ts=1&ii=2&FPCK=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:de00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 574881cd66cfdfabc6be99b14923eeac.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
15
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 17 Jun 2022 16:07:13 GMT
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
JxhFM_GDYxo3Qq4aKHn6vwqopxhoEtuA2-gxB-r47oRwWFn8HhIEeg==
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D564 		975 B
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2004
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TemajgIHwsxrTs9%2FuZ64q2tOR%2BISYwrvtwZSY9k85HEsScPYgFqZRh3v71lIbRjYbM0w7kpxRNZPKaSzjCMHPXSL8AA48rTCQns8i0rQyBUQQ8SdqbkiYt4QAxwaFvRQxiOib6vDOtOSrwBGgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
71cd09ccde461ee2-NRT
cf-bgj
minify
idRequest
sync.aralego.com/ Frame D564 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
d6186e9d2b7599c0a347cc8222cdfe3b1e558cd72b9f9b03f54439c628ed70d1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame D564 		559 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fg2emzn&adid=ad-772836EB4BD79D3B0B3BA843D8A2AE49&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6122401974831697&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=970%2C90%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
df84f7be123672ec0dc04b526561de9c771fc6850852da99cc9cd1c78d0830c3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
X-Width
970
X-Height
90
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
8b541bef-aaf2-3c99-b3f3-b618f163e0d3
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
559
X-AdStyle
banner
X-Adtype
html
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44584%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D43618%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45621%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:28 GMT
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45589%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:28 GMT
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45595%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45618%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45583%26Tags%3D2364
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:28 GMT
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45581%26Tags%3D2364
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9DA4 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44624%26Tags%3D2010%2C2009%2C2004%2C2003%2C2002%2C2501%2C2502%2C2510%2C2539%2C2628%2C2592%2C2133%2C2306%2C2921
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 17 Jun 2022 16:07:28 GMT
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
landing.php
fp.holmesmind.com/ Frame 9A6D 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame DDC3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:27 GMT
landing.php
fp.holmesmind.com/ Frame 7D7A 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&CFFPCKUUID=7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq&url=https%3A%2F%2Freurl.cc%2Fg2emzn&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 4E9C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Fri, 17 Jun 2022 16:17:27 GMT
/
t.ssp.hinet.net/ Frame DDC3 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D499 		714 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
age
4499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
71cd09ce3f901ee2-NRT
content-encoding
br
content-type
text/html
date
Fri, 17 Jun 2022 16:07:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbFH52fIqys3ClXzsuGGUyw7CdW7fMdXCziCgoBrNHipbyXu7hxgRaZDAhV4abnp3XyczMbjyEoJbvnZBZ4IoC354lR2582e7qQmyV6Vb5Damq31Kofge9r9sADuLsypHwFRTBef%2F7kWfhYb%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame D564 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D499 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
6cbe12faad98d8b75965e41ff4037cb368597f121df1075a3fbcea18834201d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
server
sffe
etag
"1247 / 328 of 1000 / last-modified: 1655464010"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Jun 2022 16:07:27 GMT
rec.js
img.scupio.com/js/ Frame 984E
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
09533e9658b31fcb79764178f8e7e9df7e1c36a7dc7bd22b5fa87e2da89a56d4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:04:19 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 03:30:07 GMT
server
nginx/1.12.1
age
189
etag
W/"6182023f-5429"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
mUJ-_ABRGEK9EioDTcoBLH4R1MZX_JaoYz7260erCfb-PLLuq6E3Vg==
expires
Fri, 17 Jun 2022 19:04:18 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Fri, 17 Jun 2022 16:07:27 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame C0AB 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5043598449924791
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f6112d177769247bc1aa3251ac4021f15714c9f7ae1da34b71ee36b52b085395

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
894
truncated
/ Frame C0AB 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2F6F 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cddd2f3bf51045989834d533d896d5c5da9cde5dbe21e090d75d6b18d6de6f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39793
x-xss-protection
0
server
cafe
etag
5361612212136870374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 16:07:27 GMT
pubads_impl_2022060901.js
securepubads.g.doubleclick.net/gpt/ Frame D499 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 09:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127664
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 08:36:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Jun 2023 09:15:41 GMT
ls.html
img.scupio.com/html/ Frame 95A1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.62
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
1432
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 15:43:35 GMT
etag
W/"583295c9-4dc"
expires
Fri, 24 Jun 2022 15:43:35 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
x-amz-cf-id
rO98JsWP88dqrp2U6X0hbwu6tAwdo8xgG3LwMQrFxVQ-uGrTPcFkVw==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 391E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0JBMjAyMjA2MTgwMDA3Mjc2OTQ3Mg%3d%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENiWB8HYFLHv60xAIgy3EKQ&google_cver=1&google_ula=3918219,0
0
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENiWB8HYFLHv60xAIgy3EKQ&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENiWB8HYFLHv60xAIgy3EKQ&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame AF33
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Jun 2022 16:07:27 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Jun 2022 16:07:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
sync.aralego.com/idSync/ Frame 391E 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CBA2022061800072769472
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cm
t.ssp.hinet.net/ Frame 56F0 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame 56F0 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=cf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame 09DB 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=cf
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 09DB 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:27 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
mbcsc
tp2.beap.gemini.yahoo.com/ Frame E3CB 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tp2.beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=dBJrYl0GIS.xzjhI.z8zEwxMiOLzWc4KjTZYoqQONpecedHyZ_feMBXz3zvf3E4hSPyoeOso5gXBswGXglTZxC9fUqHm_4DcRuy3eID_wrxXg39vGFpf_TkVxNf.DepyUeavpeT4.uJXQgpiFo2YEPUoKEYnPH6FYkk9nAHp2SorLGbaswNsw.2ErcnQK5RUfuxm_SDZKhVW2gIkROAXpKxMVjG8_wYTUW.XPodhLHIc9KElcUKYexGsn9YcIly4r6a05o97yiuyki4jIpmvILLXoq8qKMYYeCKpSs9qMmdIWGP2D47DNwV0JiVjSP.5ZuPAwCYDfFfmfIp.w4sByzSXZErrq5.tQbGFu.Prfn67LDQznsApbDCS5HWrkHbb6H0LRf1sP1pVDCpCrICYa9sgKUluEW5blKf4CtfWKMlWsAbJ9zuuhnp2U7Gf0BMInmBFyeekd_p6omt8BpdT7BthU1JeBUU6v1AwKhc291kUvw_u_atNzViES4GH5wUYD6uMiMAXQjZNa2WSZnEXmcVMVwPq2puXnREuD34v8bd7BDoYCzGfUJ6Y0KTuiJtc4n2WnFJmXVNULYuFxKy4CM9Pd0SWlGtH0OB_f.mQf4Wz1G6CR3GWGLrMwuAgQnVSAUqK5sfVMB9__u54ajr7FHCfI0O9t0rH0RZFQ230j5No0diCxkoNXivWDhHpKG8KfmRXW7zhDHYsAUHCTvQNZddcZ.ZhtLhXjikU4dU4PiV6rFRZGThWjky4jCif0AjfK0nIzJ0NudNUR2AVsC31zROxPhTJiupM4fLNX2OWFlkHChp63T2LADtTOfNbmZvZDqLhBHRrkKbL5X5bxRjJ_9fOtlIuWBxYlcuf4md_FhGbYsrGFbPoVIMVqTpg4T3lc31mHL9jbdtIHBBbCEsiUPtMo2xbWi42ZQyjRwBItOPyYAM4YYUSQIqPSDd0VKPcGrJult6QCM7qRz1vCE2SfBhRb1dofv2vAIIEDIQpQH._RWTsKlhAYKY4AkOj0FN.d4f4OhIWBirdBDwKsJd6uBPX3S5i9qd1LUc4s6mTSt6RoGVqAjYyaQ2mPnoTD6E0soJhMg0B3thHZEPwojQuZJzvG5O_E1YB.iTll4uwjNe4ZYGurpETl5NBgc7EOg3.bEvYVBclj4Y9Esvas7r6uOqw89LTl5Cugl0ZBtWUB1vjTyHE5XlDvMuhkbthE9_qMnEQaSCCRs.LdMwoLRGE2ykpq5yWeo3dL_2jA69pE6tMkoaSz6zBE.O9jbaN3SJio4oO1y.bMZkIJHb9ACrtz4bXHDGurW4ZlVFLfpZ3wqhHp33BSL8AC1ji2KTFmZfi.r1gWvOnAI64PzWmWAYdnMzxb4wq3IKh76QD2fvTrf5_V.yXoNCDnNvkvSdX6o0cIJF6iDjbg4vBMWcpNplkLGuN4h9UKSZ0lw5T4DToYCWnw8CvQc6Rh.2sIfAnsBUx63w6p7EPLBT_7t1MrLXhVl8Hb5P8vspInA3V44NeJ1NSa8kcuO5VXPOahYBVVBqLh_gDjqQpOLlcbCUpqHyR2TOucUW57trYDameg6CvWJ8QQJROkcvOtxC0oSKmEsKJbY3KfXTZ55dxz_AMYnIy9gg9P4zAIb5IR_M5KyVyq0L4RGtgkR75mTQbTGRVg8Po_EQRtEFBv55lxTvCud_vARH1prcVRFFIJbEPyadpf7ZmEArci.vMrW3BAUBiFy__3ldW.Y_whYEQHwi77Uz2UyxtUYY.MALYAV.rjd5dF2kjspQ1ZTVvs81c.9XUR.STFA8VA6re1D9UrFqifyZ72G0ePeWAgJo08k14y53Dbz4vLD3M86PPM0.aeJoYwQwQYXuJUIS1W4M9obVedr.UTMzsLfS_oBIwBlxWui_6WywGvPT3kNkctCqqpAQvZknDQoEz6DqMMvFH3BYQOTgeX4ZYvDzNqVvvAyQQ.xks7pJnskjNeP.vVHXew.mYX4yxNTsliFng4ijwkpakGnTl.9xNQ0Lc972oPgydnyYCpFijKdqxi7GcLck80zmHkr4vHbfDM1uoFA65RlxGX87EZO0j9u2QJHGxYt4fdAEtHDOjEXpxb6vZvUtLMq3FHd.8rM50RZMBA9G_eck8VHNoBFo2l3uHSUW_xdksicx7lQIsqgPuQ3jUtsXtYNNcs9nnfPfiXKeXdezhkTAJFzyuKzqlK53lptaG65qn6rCzDJ8S1fAm1T5MRJbIl90pSZRiF1t2mRlbS2F2EZyZwFcmOQ6ZM8B2n_gxDEsR0IS8YbyX0oF467xjBfGgMZnAPAt_f4phWg9ApDVTVURo1EXJ_VzfQg4nTuqcWXanhN3xBPNBi1jmbXVbfmf_C0y7xc4j3LOcbU16Ae0iupYOmmfzO3UN4C8N7KYzHpxleWRW2VpHYfBvZiHLiiwnqTZHQgBBZ53D8gvD6yO15zE64Pr9RPerR2iBLVbpCgPqSaaqeFtSJauwzyJGVZKG8tAAY8mznRh55j8kRaxHd5he1.lQ1gP9ge3JShkE34qGgIUXNtaMoXNsIsNsEys2ss_SHwvjbH1W6e2tHxuvjHUgfCzzkTeP&ap=pp%3Dm%2Cpi%3D0
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.222.102.162 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),
Reverse DNS
beap1.cbs.vip.tp2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only";
x-frame-options
SAMEORIGIN
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
views
d.adx.io/ Frame E3CB 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adx.io/views?xb=35CJa4376&xd=7&xnw=xad&xtm_content=23851261312860029.4433.15595.103351965&rnd=94c3b95a-ee57-11ec-955a-008cfacd52b4-7f07ffc3b700
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.78.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-78-253.compute-1.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
p3p
CP="P3P is dead. More - http://www.w3.org/P3P/1.1/Overview.html; Hacker? Mail hireme+p3p@deltax.com for free beer :)"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-disposition
inline
content-type
image/gif
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
beacon.do
ads.yap.yahoo.com/nonSDK/beacon/v1/ Frame E3CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yap.yahoo.com/nonSDK/beacon/v1/beacon.do?id=Ssy21YuOXau_yRLX5kc9Gmvzf5aLMc4OEZIxbhxNiwMy_Q-dSIGpog1tmvAGn_GqP_j72L5fPTORo8IFxy7_snfMJqYo1Y2c20015MIXOpyHRtiIoJyo6eWYhHHdyvHqW4gvIb2ZN4trbsIn1jQYBG-4A-lfG1nILW5MH8DlRvoQxg5aXCAAN4cA0rvGmYyTS5EmNvOvmRp3cN-tPsvZx-8UKUTf3c78oNJHtNZF8tF-aMRiBR9zOjn3H63HutHqwlQnA3J6L06eXzQw3mT_1XDjObJPe49KQmP4_fa6sbQVECipTr8EcO6NG_7jeWIf
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
180.222.102.159 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),
Reverse DNS
media-router-flurry71.prod.media.vip.tp2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
jquery-1.7.2.min.js
code.jquery.com/ Frame 984E 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17278"
vary
Accept-Encoding
x-hw
1655482048.dop096.sj3.t,1655482048.cds212.sj3.hn,1655482048.cds091.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33626
usync.js
eus.rubiconproject.com/ Frame AF33 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec932c455eda11443b2dc60e323f01a43a8a93eeb5bb281460f90e900f15151b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46715
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9456
Expires
Sat, 18 Jun 2022 05:06:02 GMT
khaos.jpg
token.rubiconproject.com/ Frame AF33 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Content-Type
image/jpg
integrator.js
adservice.google.co.jp/adsid/ Frame D499 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D499 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D499 		306 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1696235357171023&correlator=1977729382628230&eid=31068076%2C31067167%2C42531606&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220617&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655482048023&lmt=1644386353&dlt=1655482047730&idt=266&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=v5k8wao2uvj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=400891016.1655482048&ga_sid=1655482048&ga_hid=529461676&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
98d50c36c1bdb00396a07b55d2e3d42141149a3e1f0859514d664454c9c7ad38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 06DF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
expires
Sat, 17 Jun 2023 16:07:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame 2F6F 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f566849369b47907013f185c5f26ada819725f6ec5c52bc7bd5fd4be0c9d47f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122725
x-xss-protection
0
server
cafe
etag
16529059846515264924
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 16:07:28 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/ Frame 0CF5
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3802
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43274
last-modified
Thu, 10 Feb 2022 09:34:53 GMT
server
cloudflare
etag
"6204dc3d-a90a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ4GVbrWfxbBV%2FlooIdgKW2eE3zX38AYoCVoFIOfFO5IB0B4ZLl8xqAd2iN3vIN56ml5Q0BsadpYYw27kqGzTM2RirqumZnUFtDCK5SR1fiYqkLnUCa%2FnrNXvU2TjZYaPD8mA1d0bVPMTTLc8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
71cd09d17aa81ee2-NRT

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/ Frame F67F
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3802
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43274
last-modified
Thu, 10 Feb 2022 09:34:53 GMT
server
cloudflare
etag
"6204dc3d-a90a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TatobNt8TmcQHcFtRDgCa5TFuiCe9wRyXgw%2Bz8ytyHV9C9wJgCwiGlqFZa0TH3kHVLGPuUopM2KzE9HDN2E4tk33Z2aBBFFDTZm9RndnarDHqhjDXEwqy4IqO7e9S8EoQW%2BgxqSXhbmHErpNpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
71cd09d1db071ee2-NRT

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
cm
t.ssp.hinet.net/ Frame DDC3 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame DDC3 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=50ef57
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/ Frame 4E9C 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net/pixel?bd=326a92f5-0ecc-4712-8e90-a746670bd85a&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 4E9C 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je&mp=326a92f5-0ecc-4712-8e90-a746670bd85a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
jquery.min.js
img.scupio.com/js/ Frame 984E 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/jquery.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:04:59 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2016 02:46:48 GMT
server
nginx/1.12.1
age
150
etag
W/"57578718-17277"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
vdO_-C49wbAaaGbeG2Ok-sqo9WM9KKyFu_yN1ioZJOmiELge0hHwLw==
expires
Sat, 17 Jun 2023 16:04:58 GMT
ls.html
img.scupio.com/html/ Frame 1C67 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html?mid=52
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.62
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
2685
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 15:22:44 GMT
etag
W/"583295c9-4dc"
expires
Fri, 24 Jun 2022 15:22:43 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
x-amz-cf-id
ZD8NytdDcbJFV2g-g1m8TTPiWka5gV1ZQwhKbpJvMD6yHxAYwmM7JQ==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
rec.aspx
rec.scupio.com/recweb/ Frame 984E 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.7869888410704182
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
86185bf6f2b752cf4fb4c3fe4277831a5e00feaadabc6d60c678de3a8f24ae57

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 17 Jun 2022 16:07:27 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/javascript; charset=utf-8
Content-Length
1776
sodar
pagead2.googlesyndication.com/getconfig/ Frame D499 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c358f8c4870cf6304d9602dcea077dc1f2bd8836c38e539a3b3697088ccd3818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10736
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 0CF5 		975 B
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2005
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBgVC%2BWKRSKuRRKat09S0voHt%2Bz7yyES0rkDlHK5GaQisMX%2BHVgnWm8LCsrI4M8B%2BPl4affqQdJ6UvxHrXG3YGEdXmz5X%2FGUGLKg0FGjfKnqcyheFphGOt1CmcU%2B0DFxQPPmlO8tyRcZRbaPjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
71cd09d19ac61ee2-NRT
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 0CF5 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?ucfUid=8b541bef-aaf2-3c99-b3f3-b618f163e0d3&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
d6186e9d2b7599c0a347cc8222cdfe3b1e558cd72b9f9b03f54439c628ed70d1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 0CF5 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fg2emzn&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.09606186725389065&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=8b541bef-aaf2-3c99-b3f3-b618f163e0d3&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
8b541bef-aaf2-3c99-b3f3-b618f163e0d3
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
555
X-AdStyle
banner
X-Adtype
html
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame C0AB 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:07:28 GMT
adsbyscupio.js
img.scupio.com/js/ Frame 9DAB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:05:36 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
age
114
etag
W/"607cf957-11ab"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
8d3uReI-fLTyIFrGthSbwa8MRAGOnw7CPwyR5K3HcjaTDElaoYvpHA==
expires
Fri, 17 Jun 2022 19:05:34 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 35F7 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.16322400894158196
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ea87ad73980f7e84e1acee272ec3670ec326915623996fd4ae66e4c01092d67d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
749
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 35F7 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:07:28 GMT
970x250.jpg
img.scupio.com/img/padding/ Frame 9DAB 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/img/padding/970x250.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
age
154
etag
"607cf99c-b9b9"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
47545
x-amz-cf-id
qCJ1AF54WTuIlNd9_wO1LDDnexEv_YzHxd27_cqTIDtklLS0JGwVNg==
expires
Sat, 17 Jun 2023 16:04:54 GMT
syncframe
gum.criteo.com/ Frame C94A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
b4226fe5329d5e56744ae24b393cb8a3a8ab895661b294972bd516cd388e0f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6153
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
server-processing-duration-in-ticks
1776
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C0AB 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:07:28 GMT
truncated
/ Frame 35F7 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D499 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:28 GMT
adimg.js
img.scupio.com/staticfiles/eba12ed483999e46e895a933bdcc5625aec3a073/scripts/adbanner/build/ Frame 984E 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/eba12ed483999e46e895a933bdcc5625aec3a073/scripts/adbanner/build/adimg.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d17f29657ca9442ee39565b481c0f68e783c1dd99767da74eb872f7228b05aa5

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 08:44:11 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 08:37:32 GMT
server
nginx/1.12.1
age
112997
etag
W/"62aaebcc-b7e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
zQUGLhJ-RQqUA2Kf6jBefs1ogr42Wv_OfUaVCEeT-iw987cnpN2JcQ==
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
expires
Fri, 16 Jun 2023 08:44:11 GMT
CoverImage.js
img.scupio.com/staticfiles/eba12ed483999e46e895a933bdcc5625aec3a073/scripts/adbanner/build/ Frame 984E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/eba12ed483999e46e895a933bdcc5625aec3a073/scripts/adbanner/build/CoverImage.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 08:44:11 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 08:37:32 GMT
server
nginx/1.12.1
age
112997
etag
W/"62aaebcc-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
NyCli8hDjW1U1DqYOVYfKaBVkMUX9flU2lcYvZijFJ9ilKwr10X7xQ==
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
expires
Fri, 16 Jun 2023 08:44:11 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2F6F 		383 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
43d6370e6b392c8c511eb8ca2703063e0ad6cac53a634140bddd81fcaa50da81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/ Frame 2F6F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2F6F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E6FE 		80 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52f21cc85b232b7e095e7998cac1a47ff64f9b8e3a78983f55537f32daebd5f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
28726
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ls.html
img.scupio.com/html/ Frame D9EE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.62
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
1433
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 15:43:35 GMT
etag
W/"583295c9-4dc"
expires
Fri, 24 Jun 2022 15:43:35 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
x-amz-cf-id
au5i2vk9bpDpoDfM634M3LOA7nKhW2H56ODeVwg2jztK-yhbCXVw_w==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
/
sync.aralego.com/idSync/ Frame BEAE 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CBA2022061800072769472
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 9814
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Jun 2022 16:07:28 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Jun 2022 16:07:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
0ef7cb34-015a-4efd-ae05-4c2ce9716661.jpg
img.scupio.com/dsp/ad-image/931/0/ Frame 984E 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/931/0/0ef7cb34-015a-4efd-ae05-4c2ce9716661.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-93.nrt57.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f9ca190e54d9f4c4f4d8ba20a8100aae79ae3f11ae6f11f179dd1a53ccae1bd9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 15:56:10 GMT
via
1.1 b94f7b479f2b744da2f8847044c561f6.cloudfront.net (CloudFront)
last-modified
Fri, 27 May 2022 01:50:05 GMT
server
nginx/1.12.1
age
998
etag
"62902e4d-81b8"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
33208
x-amz-cf-id
sko_VmIgLlkT-OrGXrImNjoKbugHG-n88F6yYw7cLGa6FBqK3KiX7w==
expires
Fri, 17 Jun 2022 21:50:50 GMT
syncframe
gum.criteo.com/ Frame 79E0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
b4226fe5329d5e56744ae24b393cb8a3a8ab895661b294972bd516cd388e0f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6153
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:27 GMT
server-processing-duration-in-ticks
3879
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame C94A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=tVCGjHx5YmhvMnJ2bGVSZ29tVkphZFVjaVFqMC9paFgxbUhCY3NDeVViU2JpYnArNm1TOWRLTWw3VHA2V2l4bG5lYzRzMnN6V3lKaU9uT01TVHU5ajNRcU5mOE9oNnFqOVZGVWJ6RlVXb1FFWTVSUG9ldHFva1dnRVZJcF...
422 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tVCGjHx5YmhvMnJ2bGVSZ29tVkphZFVjaVFqMC9paFgxbUhCY3NDeVViU2JpYnArNm1TOWRLTWw3VHA2V2l4bG5lYzRzMnN6V3lKaU9uT01TVHU5ajNRcU5mOE9oNnFqOVZGVWJ6RlVXb1FFWTVSUG9ldHFva1dnRVZJcFFJODA0SEh3QzVZd1lQbVo0WGxnSUl2YTZYU0ZRU2N2WHlKSFpKd09nTUY5cUlzRm5NeUltYXh5ZVNna3NpM2NUaHRhUjNiS0tZdisrVHZIWm0xUGN6UXpjSENDSEpGTFQ0RkxmVVFwVjhvc0RMM1JFV3N1TmFKUFovdzVYemF4NmdCUjFKVWdUTjhBb2I0Uzd2UVQ3MVozYk4yME4vZCt6ZG16RG5rbU5lREdobmJ4d0xOcz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
38cc1c95c970875eb071034931ed3c6e9ebae36ea721f2f3730680e7ec52d0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2959
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=tVCGjHx5YmhvMnJ2bGVSZ29tVkphZFVjaVFqMC9paFgxbUhCY3NDeVViU2JpYnArNm1TOWRLTWw3VHA2V2l4bG5lYzRzMnN6V3lKaU9uT01TVHU5ajNRcU5mOE9oNnFqOVZGVWJ6RlVXb1FFWTVSUG9ldHFva1dnRVZJcFFJODA0SEh3QzVZd1lQbVo0WGxnSUl2YTZYU0ZRU2N2WHlKSFpKd09nTUY5cUlzRm5NeUltYXh5ZVNna3NpM2NUaHRhUjNiS0tZdisrVHZIWm0xUGN6UXpjSENDSEpGTFQ0RkxmVVFwVjhvc0RMM1JFV3N1TmFKUFovdzVYemF4NmdCUjFKVWdUTjhBb2I0Uzd2UVQ3MVozYk4yME4vZCt6ZG16RG5rbU5lREdobmJ4d0xOcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1236
content-length
567
expires
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame F67F 		975 B
853 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2005
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxMVE%2FJrM5YsJ83JOp675jM9RZ1y2E%2BQOuGFoQY6sIDwfjZVpb5BzwpaJ9K%2FQ8DxgnG7Gj1%2F7%2FU4qZ2IR7UpPuGagd%2BfORDAWRZ9h2F1IRk%2BH4yHaZtMZs6gdJBF9VUu4LaldaPnqzcBy%2BngxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
71cd09d27b8c1ee2-NRT
cf-bgj
minify
idRequest
sync.aralego.com/ Frame F67F 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?ucfUid=8b541bef-aaf2-3c99-b3f3-b618f163e0d3&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
d6186e9d2b7599c0a347cc8222cdfe3b1e558cd72b9f9b03f54439c628ed70d1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame F67F 		552 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fg2emzn&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.502532093474283&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=8b541bef-aaf2-3c99-b3f3-b618f163e0d3&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
8b541bef-aaf2-3c99-b3f3-b618f163e0d3
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
552
X-AdStyle
banner
X-Adtype
html
usync.js
eus.rubiconproject.com/ Frame 9814 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec932c455eda11443b2dc60e323f01a43a8a93eeb5bb281460f90e900f15151b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46714
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9456
Expires
Sat, 18 Jun 2022 05:06:02 GMT
sid
mug.criteo.com/ Frame 79E0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=zTs_VHxFMTVub3A5YU5LZS9kNHhlOG9TZStGV01RYmR5Vk5KK29nL1dzRzBmN0ZtQmhqVmhLaXkzT2NNUDg3dFB5RlQwYzlTR1NMQzdZQ2RreGkxYlk5ZGtFeW5tS0dSbHhCcDV0UVZCVzZrS3laMG5CdlZlVjFoemtTQn...
433 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zTs_VHxFMTVub3A5YU5LZS9kNHhlOG9TZStGV01RYmR5Vk5KK29nL1dzRzBmN0ZtQmhqVmhLaXkzT2NNUDg3dFB5RlQwYzlTR1NMQzdZQ2RreGkxYlk5ZGtFeW5tS0dSbHhCcDV0UVZCVzZrS3laMG5CdlZlVjFoemtTQnlGcTdzcnRvU1YreTRmcm5HYkRJSGNTRCt1NlV2cHJmNGRpWFJOTlZzV2F4TXdnbndya2hkYXYxdVd4aU9idHdUWU1jUTFhUUk1M2RjZXRkMDlrNzUvL3Y3NHVUVEpmRW52RHV6bVY3eW4wNlVqeXVQZ2M4SmV5clVqbUF1VGszREdKcmVnakZqaEV2cGRKelZnTlFSSHBUUUlRaEpTZEljVk5jaVlOTVM2bFVRa0FIUlRBRT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
aa4c45af33f1bc0382f53c7107000abc7181825ecec5c1013b5d8b060d32fb03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2956
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=zTs_VHxFMTVub3A5YU5LZS9kNHhlOG9TZStGV01RYmR5Vk5KK29nL1dzRzBmN0ZtQmhqVmhLaXkzT2NNUDg3dFB5RlQwYzlTR1NMQzdZQ2RreGkxYlk5ZGtFeW5tS0dSbHhCcDV0UVZCVzZrS3laMG5CdlZlVjFoemtTQnlGcTdzcnRvU1YreTRmcm5HYkRJSGNTRCt1NlV2cHJmNGRpWFJOTlZzV2F4TXdnbndya2hkYXYxdVd4aU9idHdUWU1jUTFhUUk1M2RjZXRkMDlrNzUvL3Y3NHVUVEpmRW52RHV6bVY3eW4wNlVqeXVQZ2M4SmV5clVqbUF1VGszREdKcmVnakZqaEV2cGRKelZnTlFSSHBUUUlRaEpTZEljVk5jaVlOTVM2bFVRa0FIUlRBRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1189
content-length
567
expires
0
khaos.jpg
token.rubiconproject.com/ Frame 9814 		284 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Content-Type
image/jpg
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6DD4 		714 B
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
age
4500
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
71cd09d2abcc1ee2-NRT
content-encoding
br
content-type
text/html
date
Fri, 17 Jun 2022 16:07:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW5kaVwiN0hdHb1pnYyd1lbBmBv1fHAp%2B%2B5fmLanbH%2BkXcDAWO0lU8RXdu7xOpaFASLOj0Zj7mesH7GI%2BPhE5uJBqyKFB8bVX9QJF459ZNk7Pe8v4EdbS56%2BPnqKUuSKKw6MjML4%2Fwd66UcYeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 0CF5 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
rubiconid.aspx
bw.scupio.com/adpinline/ Frame AF33
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L4IN9NR0-1B-6D4G
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NR0-1B-6D4G
0
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NR0-1B-6D4G
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
application/javascript
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NR0-1B-6D4G
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6DD4 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
520b8c61807a32b7cc9e77128c402f045ee331ecb146384fb8794566907bf8f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1247 / 219 of 1000 / last-modified: 1655464038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Jun 2022 16:07:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CAB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
48205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 02:44:03 GMT
expires
Sat, 17 Jun 2023 02:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B390 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8fc8e944f208bbdd19ac247e3154faab0c8424100a961ee7bea0afe7eb1dea68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vkXV-4SBU_NCS2fa2Tp93w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-vkXV-4SBU_NCS2fa2Tp93w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
expires
Fri, 17 Jun 2022 16:07:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 1CAB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame F8C0 		714 B
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
age
4500
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
71cd09d33c5a1ee2-NRT
content-encoding
br
content-type
text/html
date
Fri, 17 Jun 2022 16:07:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HF708CoBBTm%2Fso0UhOVJspWO4llgDSPFwXv70qQoor43TP8t1YIjbKEElcXzqrUI%2FXgYWzCxpPdg2cFFbROylHKgQlzz%2FTcW5vTGUkDxSbYSY20%2FS5HV3FSM0s0FEi9S0bJq%2BkWsUZYT3HODgw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame F67F 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F8C0 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
6cbe12faad98d8b75965e41ff4037cb368597f121df1075a3fbcea18834201d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
server
sffe
etag
"1247 / 339 of 1000 / last-modified: 1655464010"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Jun 2022 16:07:28 GMT
tap.php
pixel.rubiconproject.com/ Frame AF33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/a97sY4rWeA9vamoxi0Q-WA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4381911674392346355
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4381911674392346355
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif

Redirect headers

date
Fri, 17 Jun 2022 16:07:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4381911674392346355
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
709414.gif
id.rlcdn.com/ Frame AF33 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame AF33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDY6i3ylcltUzz7PRKHlVU&google_cver=1
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDY6i3ylcltUzz7PRKHlVU&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGDY6i3ylcltUzz7PRKHlVU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTMxYmIyNGRiODE5MWFkNDAwZGVlMmM4YmQ0YTRiNmEwOTIwMzNkYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTMxYmIyNGRiODE5MWFkNDAwZGVlMmM4YmQ0YTRiNmEwOTIwMzNkYQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTMxYmIyNGRiODE5MWFkNDAwZGVlMmM4YmQ0YTRiNmEwOTIwMzNkYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame AF33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IN9NU3-1Q-QU
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IN9NU3-1Q-QU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B6AA05480325482FB9425A2FE8D8DC7C Ref B: TYAEDGE0420 Ref C: 2022-06-17T16:07:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhpvN2Mcidp7upU56BaA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IN9NU3-1Q-QU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame AF33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IN9NU3-1Q-QU&sigv=1&esig=2~749046969095c191e14423fdf31aa11bf4cb3686
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IN9NU3-1Q-QU&sigv=1&esig=2~749046969095c191e14423fdf31aa11bf4cb3686
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IN9NU3-1Q-QU&sigv=1&esig=2~749046969095c191e14423fdf31aa11bf4cb3686
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AF33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dae57b52-d5d7-4869-aa3e-8bb8f7638a71&gdpr=0&gdpr_consent=&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dae57b52-d5d7-4869-aa3e-8bb8f7638a71&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dae57b52-d5d7-4869-aa3e-8bb8f7638a71&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AF33
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s1Sx85KaSQulSX0n0CXvGA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s1Sx85KaSQulSX0n0CXvGA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s1Sx85KaSQulSX0n0CXvGA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:07:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H87NCXBBA8DXYEPGV7QR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s1Sx85KaSQulSX0n0CXvGA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubiconid.aspx
bw.scupio.com/adpinline/ Frame 9814
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L4IN9NU3-1Q-QU
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NU3-1Q-QU
0
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NU3-1Q-QU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:28 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
application/javascript
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IN9NU3-1Q-QU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
pubads_impl_2022061302.js
securepubads.g.doubleclick.net/gpt/ Frame 6DD4 		370 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
e9edf115bf3ab4ef7ec524ed24617e32bd83298e0d4882f424d967943c048273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 02:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128453
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 22:57:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Jun 2023 02:48:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B390 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=1696235357171023&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
integrator.js
adservice.google.co.jp/adsid/ Frame 6DD4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6DD4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6DD4 		492 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1630438174299060&correlator=67871493693703&eid=31067816%2C31068094&output=ldjh&gdfp_req=1&vrg=2022061302&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220617&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655482048630&lmt=1644386353&dlt=1655482048445&idt=165&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=daofh4rblkll&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1339153385.1655482049&ga_sid=1655482049&ga_hid=868696780&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
2aa65cdcee2804205f727bd2f93c083aa85fed1780ceefaa21888d8426f81517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
expires
Sat, 17 Jun 2023 16:07:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022060901.js
securepubads.g.doubleclick.net/gpt/ Frame F8C0 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
sffe /
Resource Hash
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 09:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127664
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 08:36:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Jun 2023 09:15:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 1CAB 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_wTzlw
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E280 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fce35edd0815a2e58012d32a73f15c07376a2e333793766dcbb73ec43ec6a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39797
x-xss-protection
0
server
cafe
etag
9116436713006597028
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 16:07:28 GMT
integrator.js
adservice.google.co.jp/adsid/ Frame F8C0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F8C0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F8C0 		307 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2861684757338419&correlator=3033957683961494&eid=31065642%2C42531608&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220617&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655482048703&lmt=1644386353&dlt=1655482048541&idt=148&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=33fj51a07xlx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=249632937.1655482049&ga_sid=1655482049&ga_hid=1795559027&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
645416625bb68f40ab5c7c7039299caff221393345373dbd7e7be56576dd8c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 00D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
expires
Sat, 17 Jun 2023 16:07:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame E6FE 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:04:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame E6FE 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:06:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame E6FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:03:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame E6FE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:07:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6FE 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:28 GMT
6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame E6FE 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 03:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 03:36:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13230399794736468503/ Frame E6FE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13230399794736468503/downsize_200k_v1?w=195&h=102
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e4da540a6f02bdd62269ea01977f3c4da4f572325a590a269ffce452bec97ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 07:44:10 GMT
x-content-type-options
nosniff
age
548598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5269
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 18:36:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Jun 2023 07:44:10 GMT
truncated
/ Frame E6FE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bf528dd37626af27909bf86bb650268d92c3127f617caba9bea5295fd281b99

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E6FE 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7021 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3305
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 15:12:23 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 15:12:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame E280 		337 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
997b452c0f83d518b4d5bcdefdf891f4ea8d92c536fd8d068cf10dcd804e9f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121571
x-xss-protection
0
server
cafe
etag
3662140970747078023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 16:07:28 GMT
truncated
/ Frame E6FE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc83472d1c276ec384a4efb40f6ea35e6fe0cefe390da3b5125c53a547d6a3e8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6DD4 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061302&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da076f88d3f490de57a5046572600104a042b3ad46f7eb18b87489e980ac9b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10675
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D672 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cddd2f3bf51045989834d533d896d5c5da9cde5dbe21e090d75d6b18d6de6f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39793
x-xss-protection
0
server
cafe
etag
5361612212136870374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 16:07:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F8C0 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68c3cfb9082db58a07869eddf20b19d8a97f9578ac15f1801326c0fb80c2f0c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10678
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7021
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHHpgxExJXuJ1meGPPYH4u4&google_cver=1&google_push=ARnp8GDNhfDLVja_iEXsV_rgtK3r53AAfJB_p_OAK8XZLwJeDYhYRwIvAdfXzsr1reanUU9Njyiq1EigOcZDO-gifVNdbfZJtceI
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc4ODA1MjkzNjg5ODkwNjU1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHHpgxExJXuJ1meGPPYH4u4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHHpgxExJXuJ1meGPPYH4u4&google_cver=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Server
2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHHpgxExJXuJ1meGPPYH4u4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7021
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKmJUUIhPfTaDYPzyoUwgfc&google_push=ARnp8GCpX05SaFFX_rBenZr1li93kmq9v-Sb2daEx1PwiWlA14Hpmk-17I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKmJUUIhPfTaDYPzyoUwgfc&google_push=ARnp8GCpX05SaFFX_rBenZr1li93kmq9v-Sb2daEx1PwiWlA14Hpmk-17ISop5IDPqEtxfmlr1F_TgSh7v9JejvsWfHAmd3uoHOp
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1655482049.856386,VS0,VE171
x-served-by
cache-tyo11979-TYO
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKmJUUIhPfTaDYPzyoUwgfc&google_push=ARnp8GCpX05SaFFX_rBenZr1li93kmq9v-Sb2daEx1PwiWlA14Hpmk-17ISop5IDPqEtxfmlr1F_TgSh7v9JejvsWfHAmd3uoHOp
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7021
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEEEdNdPbHUL2rI2U55wTNz0&google_cver=1&google_push=ARnp8GBWJdqmfgw99z0HUtUx6LTJ_Tf-I8PFDYtWUngIzCFNxej9Mn7h5lTPsjOUx4ho5WfMWeLSwRLMIwOWpXEV3N42MpNq...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ARnp8GBWJdqmfgw99z0HUtUx6LTJ_Tf-I8PFDYtWUngIzCFNxej9Mn7h5lTPsjOUx4ho5WfMWeLSwRLMIwOWpXEV3N42MpNqbRXy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ARnp8GBWJdqmfgw99z0HUtUx6LTJ_Tf-I8PFDYtWUngIzCFNxej9Mn7h5lTPsjOUx4ho5WfMWeLSwRLMIwOWpXEV3N42MpNqbRXy
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ARnp8GBWJdqmfgw99z0HUtUx6LTJ_Tf-I8PFDYtWUngIzCFNxej9Mn7h5lTPsjOUx4ho5WfMWeLSwRLMIwOWpXEV3N42MpNqbRXy
Date
Fri, 17 Jun 2022 16:07:29 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7021
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMdqWLO5X_c1q02LWIcsxKg&google_cver=1&google_push=ARnp8GC2x5TgPrWS1rnwgAOJZcqsy9XWMiv-JUEtZZcBYbK-PwRPR4K0jCMMYtZDP2Y9Yv7Gq4ze1kWTfhpgODOcVVy-Ng1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GC2x5TgPrWS1rnwgAOJZcqsy9XWMiv-JUEtZZcBYbK-PwRPR4K0jCMMYtZDP2Y9Yv7Gq4ze1kWTfhpgODOcVVy-Ng1dyQGw&google_hm=NDM4MTkxMTY3NDM5MjM0Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GC2x5TgPrWS1rnwgAOJZcqsy9XWMiv-JUEtZZcBYbK-PwRPR4K0jCMMYtZDP2Y9Yv7Gq4ze1kWTfhpgODOcVVy-Ng1dyQGw&google_hm=NDM4MTkxMTY3NDM5MjM0NjM1NQ%3D%3D
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Jun 2022 16:07:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GC2x5TgPrWS1rnwgAOJZcqsy9XWMiv-JUEtZZcBYbK-PwRPR4K0jCMMYtZDP2Y9Yv7Gq4ze1kWTfhpgODOcVVy-Ng1dyQGw&google_hm=NDM4MTkxMTY3NDM5MjM0NjM1NQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 7021 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMrsY6qItT12dfOmppmxlwU&google_cver=1&google_push=ARnp8GDz9P1dVou7KMl7gj45qOFTZjxyAvhFdYhxTINzXIkIYx1jY0qUXAUc44p7wFtnmPzZ8_ahr-AlWssRxbHHaY_gKdjB_HUl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 16:07:29 GMT
pixel
cm.g.doubleclick.net/ Frame 7021
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKMxhhTdfLYe-dMbIlkXHos&google_cver=1&google_push=ARnp8GBR8skujJdkqmQx6zW0Qqfw_xeaBAGHtlNqr55LikAO3ao_ra_MwFMWs7D6iAHymtBLAJA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJTjlOUjAtMUItNkQ0Rw==&google_push=ARnp8GBR8skujJdkqmQx6zW0Qqfw_xeaBAGHtlNqr55LikAO3ao_ra_MwFMWs7D6iAHymtBLAJAqIuCLfT6UaqmaSPvb18BHvsU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJTjlOUjAtMUItNkQ0Rw==&google_push=ARnp8GBR8skujJdkqmQx6zW0Qqfw_xeaBAGHtlNqr55LikAO3ao_ra_MwFMWs7D6iAHymtBLAJAqIuCLfT6UaqmaSPvb18BHvsU
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJTjlOUjAtMUItNkQ0Rw==&google_push=ARnp8GBR8skujJdkqmQx6zW0Qqfw_xeaBAGHtlNqr55LikAO3ao_ra_MwFMWs7D6iAHymtBLAJAqIuCLfT6UaqmaSPvb18BHvsU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7021
Redirect Chain
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESELtjCI-OJ_lgLxofcnp0Dh0&google_cver=1&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESELtjCI-OJ_lgLxofcnp0Dh0%26google_cver%3D1%26google_push%3DARnp8GDc8idm2b1ikRz6JCtT...
  • https://rtb2-useast.torchad.com/sync?adkuid=A4271139033187229400&exchange=309&google_gid=CAESELtjCI-OJ_lgLxofcnp0Dh0&google_cver=1&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1j...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTQyNzExMzkwMzMxODcyMjk0MDA&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTQyNzExMzkwMzMxODcyMjk0MDA&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9HHko4QT7nvEGhlmkE
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTQyNzExMzkwMzMxODcyMjk0MDA&google_push=ARnp8GDc8idm2b1ikRz6JCtTkp5Cdb7QAA16SCRxea0Bpn7WYdlG1jLrKeVI-jO8ndCbiJ962cmXR92NI9HHko4QT7nvEGhlmkE
Date
Fri, 17 Jun 2022 16:07:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7021 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6GuTFURVqsTeVJnr23tJyExQw9JZCDA2bHrWdKLGZf1AcayaqgEKwmqedIR7a9EkZeBlx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2F6F 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0a573bb767c66bda639eb551f06915679d77c34e2833f2b59c780adf43c6da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10633
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6DD4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061302.js?cb=31068094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:28 GMT
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 8286 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851719&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048039&bpp=12&bdt=536&idt=276&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=2110577751545&frm=23&ife=1&pv=2&ga_vid=786912116.1655482046&ga_sid=1655482048&ga_hid=893530697&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=3449834543&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531556%2C42531606%2C42531608&oid=2&pvsid=1040823750251013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hd0gmvaa3q41&fsb=1&dtd=301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F8C0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:29 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame D672 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f566849369b47907013f185c5f26ada819725f6ec5c52bc7bd5fd4be0c9d47f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122725
x-xss-protection
0
server
cafe
etag
16529059846515264924
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 16:07:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 680A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
48205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 02:44:03 GMT
expires
Sat, 17 Jun 2023 02:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B5A4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5e52d5204589af77161833ce0005eb341a93b9a7792a782c15a357aa1b3d47ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4dhk5XsSo8VTBHENIcNa5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4dhk5XsSo8VTBHENIcNa5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:28 GMT
expires
Fri, 17 Jun 2022 16:07:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2F6F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:29 GMT
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 680A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A1F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
48206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 02:44:03 GMT
expires
Sat, 17 Jun 2023 02:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AF84 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
66891331032bd7649ebc329796d03eb49b9fb1be69d5294f16ae5437971a731b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zvaXgZndf2oEgsqeBiApLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-zvaXgZndf2oEgsqeBiApLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:29 GMT
expires
Fri, 17 Jun 2022 16:07:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ Frame E280 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/ Frame E280 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E280 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A0DB 		68 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd7fc0a8c2a44c5aac91aad44a890b85bbb77c9cca75f415e97c8c62546e359d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
26191
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B5A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061302&jk=1630438174299060&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ADBF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
48206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 02:44:03 GMT
expires
Sat, 17 Jun 2023 02:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6C33 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c1547b27c7059290d957e250ad953577b773a454539ce131ac458d799f351e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hQJHpuzuqRBefEFRT0Kzow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-hQJHpuzuqRBefEFRT0Kzow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:29 GMT
expires
Fri, 17 Jun 2022 16:07:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame AF84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=2861684757338419&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 5A1F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
generate_204
tpc.googlesyndication.com/ Frame 680A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IthvlA
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame D672 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/ Frame D672 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D672 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C475 		69 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c2ce0bd12b587903a248ece85f206edce1be97a63e44d73fea99ecca3ed23ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
26577
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame ADBF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6C33 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=1040823750251013&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D499 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=1696235357171023&bg=!FRalFlLNAAbASn8N4Eo7ACkAdvg8Wpze8GXLY2SB4Wm3DdbAcgcjQwMCLLuxRG0W6K252Yrjw3YcBQIAAACWUgAAAAJoAQcKAFvhVNgLJAJk5FRRwXw3eyQAHrr-PLIUOmMgd3rVizDxHC7Z_MgwxV-LFdriZkg4LMfnGS4D9r3zKFAiDJhCz712MMrT7ilULXtxaygpXWhzP_kUDHSiYnv8kc6pmQLNocrj8g0HMLgerVTlEbDcRNxCKdPaS7DKI138255ZKvuVDcq4Umn2f9YFfBC1O-GMXG9rLBj3cAKn1UQ90nN1iDOPNS8Rwhg2__DduKWDxrLPjnBE62mUA8Wk8H0XHkp1U54whc_C_apEhisW_ywQmcy62Nc0DdxqyiLeJKFFZ3ZHPJEqtxbsVnIvy36AqprHZ8qHbgR1Qz7ovfetMa_vbartcuf0KLFYguV7i1NrGX18jvrS9qIZs5UEkcBf8LJoK9PVGivQRIKVQkX5wMSKsovSE7CLsiZ5WaYSIzc9EmPXMt0_ONBX1ZjZMyO1s01PB4_q5LSvwAMhunN1maouqgZHuCs3HLlc12GhHAb_g3RoQG-dH1Qx6B5yPykzZ-aBoZeNvgZ1MYbWdZQbfXKuVaVV0q4y3MbUOruHYYOSkvxK9CjUSnPwUwpYP9CLIpeJiSDFVeh0Xjle_Gvk961H00pbxtTKgOJF5npigKkUT474G0IHEe_bqb49KCOh80ytBa4uY9Kzkepe5QGfsy5nyIACJTDrjAH_D0AHduS8bokllWM_Vo0G-8NPHbNhUxgEYa83BjQF9hLrcT6k8Z-MLg_bsHtkJ7jqggXqO_gXtdTD-x7D5szBv7YzZK3mctb_d5Ai4xDCAag61FpcoM0ii97_nwQqdANl3P1--8lajbdT35w5kQR3GjcN3N3muZDn5Ik5qE3c--roJhKCHKVlkdK9KJrJ5fKu23sDaa9AhcKnTFnAjuIDf0iKHvmWOONPbv6u4FDcU-iBpnvd-itz4PkxJDgbUV7XhGhRsNvkuefCVvQc4djs5R7rfCGzoSf_yw5njBq6qUm9cIrVCS12iWj-fGPomlfWNKqa---snm1aYF3oEwz7j2rX9FaBVSW6eX2xzktsIIE6vJu4cOEYeptI43r5sOI0_l4sA825aGjzHW3-y65lc8NcqTDk
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5A1F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0tRzYQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame ADBF 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IAwahw
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame A0DB 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:04:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame A0DB 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:06:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame A0DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:03:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame A0DB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:07:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0DB 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:29 GMT
6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame A0DB 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 03:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 03:36:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AB6B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 15:12:23 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 15:12:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/8569770976140548734/ Frame A0DB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8569770976140548734/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ac216aafa093b7d5509d64c083cbfd67e9ce7117c1544013502142e40503bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 09:37:57 GMT
x-content-type-options
nosniff
age
23372
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41170
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 17:05:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 17 Jun 2023 09:37:57 GMT
truncated
/ Frame A0DB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3678e4c02c618f289eabef48601c5dddfe929667fbd20ea0e6d28330eed92c7b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A0DB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2048cfb877852f26b5f7837be5580564370ced967664ed1319a5675a6d2b155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame AB6B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECOzwi1MjpQDgjj5aKM8yMs&google_cver=1&google_push=ARnp8GBPhbbGMMA1p4201NPduh1hhxVcHHImnyO9KM_C3gqtf_BYFaes_rDEAffqR7EUyHEjQeT2amwwFXfJSdZzqyCU33sueJE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB6B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GA89x7Em3KIz257ABKJiUTj6iZQgv6alDVcOKtE8Ub...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GA89x7Em3KIz257ABKJiUTj6iZQgv6alDVcOKtE8Ubo0QcBS0Mjosfs1xMXUs2q_vWniE7-ZJGkdRFzsuzz3LU9BF1JIQQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:07:28 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0bb87ff6d92890fba@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GA89x7Em3KIz257ABKJiUTj6iZQgv6alDVcOKtE8Ubo0QcBS0Mjosfs1xMXUs2q_vWniE7-ZJGkdRFzsuzz3LU9BF1JIQQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame AB6B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A...
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
71cd09d9f871af5e-NRT
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
272
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
71cd09d90f01af5e-NRT
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GC11MlJDsLzz6XGRYDutBVa-oEFShFZO5TQ4XF5Y7avWaQuhUB_5WmT4gJRfyX2P6gd6EODPH3MelOdczDWQSuYDZrFs_A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB6B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELJ_r-tBf59ur1Hpqh-VYQc&google_cver=1&google_push=ARnp8GASYR41xwhkau9id48-NgdTwPY1uwkwdXJROf7Jcsc11N4c8F_WUaEZNVHIIRNQYvNOA71HZctjJRrmwqQQSR...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame AB6B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJs5BKiujAvC3GAtg2S1ZtE&google_cver=1&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0U3...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJs5BKiujAvC3GAtg2S1ZtE&google_cver=1&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0U3hjOIS0IzHHx1s3Ez0qQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GCcQhS2GI_vWcMjIwhoFfHfHaAd9bO1yGwWv8Z10ORmuQsAAfOO9C7qlbTglnSNPVEPXMzOe0U3hjOIS0IzHHx1s3Ez0qQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame AB6B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_N8SElKsxSTjucNQojiR1YZo8hePauyStEQf_ksVuCpg3thfYyuzHGJM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame C475 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:04:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame C475 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:06:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame C475 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:03:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame C475 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 16:07:01 GMT
l
www.google.com/ads/measurement/ Frame C475 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8tyM9v50u2EvM7tcFATInY7HGmtJecgZDwnxFPhKx1jBZiXHaUsv-RKTbpvTZpzavvq1b9mcJGRc3rOQjFzAZ4EXVQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C475 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:29 GMT
6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame C475 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 03:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 03:36:41 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13230399794736468503/ Frame C475 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13230399794736468503/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a909c962d82e3f05fbdf8a756850a48561c092348b29fb3ec30b5ddd74796894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 07:47:32 GMT
x-content-type-options
nosniff
age
548397
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41075
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 18:37:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Jun 2023 07:47:32 GMT
truncated
/ Frame C475 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04f0f93f007d9103ccfaef78ce73bb86e42b9282e2bf344549e28d7e24782f99

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/getconfig/ Frame E280 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
208878377787f29d5b87c427eedcb0ca4526f2518a21d3ee3bd4b7d171100373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10778
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F8EA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 15:12:23 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 15:12:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame DE00 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242780&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048798&bpp=10&bdt=544&idt=257&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=2066176180&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2616092914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C31067629%2C31068030%2C42531608%2C31062931&oid=2&pvsid=947895602040670&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nx24r792w2lt&fsb=1&dtd=277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
truncated
/ Frame C475 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65a159c44ac6cdc262e35d6a4580f118c6e692a565996030b37b15b322a9336c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E280 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061302&jk=1630438174299060&bg=!UVKlUhbNAAbASn8N4Eo7ACkAdvg8WhMeZozkFlDVmIn2TDtJf9LxBerdZmf3WU_Ni5lmlhFLF9v_MgIAAADDUgAAAAloAQcKAHYRyUHmT7uqC8-dif4WtJty_vJWauUf1MoWJCtn6wbs8eV6x9QEbPSRn4goD_feXvEJcQF9U09XNmO2V_IzpXZwSJ5BlVOZ9VLC8kvsxvj-zF-jVSTEATr0QZXBdKS9S3wabk04-CWdtyJ6tY3qDEDBRbF9TdBnmQMAlUecqcQGFvkkg-tYU0a0ARYIBvgznJfeOpX-ajK9AFTr27VqFbehoSoEQzpc2SDibD6Vv1r9Yha-XHQc4sbGvdiWdjmQNKGOMSGkNKG3VkjeSYLb7arKgITfX-8nmciZaecXCfg0apyKvkjQ-6a7kSj7OV2MZEUUoaFh9Fyz8QUfM6WGP9s2cXTAQbB8polH6snp2vVRzBrxs5Jv4yGavttsJhz3bQCq8eo-pJq8aFzEW1m5UlV3hC7vz5Fm7M3SUrNaLEr4kxldQWL-Pysv87G2Z5ieEB46gOnBLJGs11apaiPbVpvQ3TkQxA98hn_Gc0uFFNNUwWOQssWM3SoxU6TLX_bWsQKtiMHG03oDqR4Ej6n-eBSfjthENyYU32fReOAoNGf5l52sB9oQs62nrP6fEljddREjpkPCa3YC9Ga1nd1jqbJCw6bRi-PhlGPj5oUUllB2yKIFjg3zxROJ_4ghIFixhuER0PZzEX9j8Q0VevnZSDhW4IoCoa87Ks0gGJZCx_O4igJHdO651481UZKNicTP7JnAMuN_ihY1zUgBICo3k1GjOPZ21JT47LKqo-Ra3iyyq8oDtwbhMywgNJhdZCW9e1BqsxJtu_WUcJWe5Jzczqsqqu0593vEK-bv1M_xXUL8XGKYX83lRtHVX6aI338K4nGv5DgOCgW_nUMv3j7rGjKucge0eO0HuMHDlznthb-DKK0nXJQQlCA57PFIz6L6UybtxNZV98VTO_HFrPqfBzn-GyJxBFTdfO73lckZrbPlG08y9ZNawouz9or5onjxXkXtkMyk4BocxL6uUC7Rlq4T7C7tpDtfm7KXzALNKOivGBD_dPFyloC4qAHaS796SGQ52XXe2VhYOINSIOcokRVdkfOlkQpGYwrQaanHQ4gR42r2n0hZCHqW_nfOIxyRZn-W3_akC6iANWXejAPkH3Jfmz9s1hnoOmotLYLAPJ_T1my0oXsNliNNOayXPijB9fZ3pYxndFctL7Vm7F5ze1B2fTQ1v4Wxa7mO
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
dpixel
cms.quantserve.com/ Frame F8EA 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECOzwi1MjpQDgjj5aKM8yMs&google_cver=1&google_push=ARnp8GDdFdp0ZCOStoGk5oe-WWNwhfFzj3eG480IVsA5gkHg6OxwM43LpunVBfIsQwRplLtRaNo2UQPAUGQBObBeYSoWZ81l8eodAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F8EA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GCCfRCRKX-mBm51Wn1RX5KG1KHDKZo7oQ1tFsifkXK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GCCfRCRKX-mBm51Wn1RX5KG1KHDKZo7oQ1tFsifkXKjdpd_PfCnaf3RyKFxYod_7-3-6A1T1TDWtgMj7bKEfYxVGcDJwuJwLA
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:07:29 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0df29b6fdb34fb134@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Um5OclhBSUoxTzJldm41&google_gid=CAESEByAcFPdJZ9CpavvXGDCR68&google_cver=1&google_push=ARnp8GCCfRCRKX-mBm51Wn1RX5KG1KHDKZo7oQ1tFsifkXKjdpd_PfCnaf3RyKFxYod_7-3-6A1T1TDWtgMj7bKEfYxVGcDJwuJwLA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame F8EA 		43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEMfKlZYZ1NfQ19uXIu2gcVQ&google_cver=1&google_push=ARnp8GDXGRw4e9f_BDdv9lumahiWfEi8rV4xG7XSTjCDiyInW9dboZ-AKipN4Qo6p1WyQvX3JrsjcRTkZz8dHheV8pWhNRnaYeZRsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GDXGRw4e9f_BDdv9lumahiWfEi8rV4xG7XSTjCDiyInW9dboZ-AKipN4Qo6p1WyQvX3JrsjcRTkZz8dHheV8pWhNRnaYeZRsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
71cd09db3bffaf70-NRT
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F8EA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELJ_r-tBf59ur1Hpqh-VYQc&google_cver=1&google_push=ARnp8GDaO-KXMJeSQK0EQw_r5Qus_VgxZdlCcyRIIIz6U9WMfsNXgDRtjlRH4ThIzKqb6zRKjF9UQw8KmwmP9ViiVU...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGFlNTdiNTItZDVkNy00ODY5LWFhM2UtOGJiOGY3NjM4YTcx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=dae57b52-d5d7-4869-aa3e-8bb8f7638a71
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame F8EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJs5BKiujAvC3GAtg2S1ZtE&google_cver=1&google_push=ARnp8GAqPNQomZZPCq5TK8qmMq1-jOnhHZamjCCp3k_sh7XtKU8OgcTKb6F7JCDssjnJyKZJW9VbhBHp...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GAqPNQomZZPCq5TK8qmMq1-jOnhHZamjCCp3k_sh7XtKU8OgcTKb6F7JCDssjnJyKZJW9VbhB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GAqPNQomZZPCq5TK8qmMq1-jOnhHZamjCCp3k_sh7XtKU8OgcTKb6F7JCDssjnJyKZJW9VbhBHp7ZjeOkDqMWzSg_DgHgx4dA
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0MDg5NzMyNTI2ODg5MjkwMA&google_push=ARnp8GAqPNQomZZPCq5TK8qmMq1-jOnhHZamjCCp3k_sh7XtKU8OgcTKb6F7JCDssjnJyKZJW9VbhBHp7ZjeOkDqMWzSg_DgHgx4dA
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame F8EA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KooInFSPArl5Aq5awnQ9GlAcoBJvz-_LTxEm5lkcsDoEZ6ArdZf_20m0k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame D672 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b987f0debfc54bd4a3064058474da6f8423c9d1ec4966e3a3ba0fdeb942f67d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10628
x-xss-protection
0
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 17C5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242783&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2Fg2emzn&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655482048965&bpp=5&bdt=561&idt=262&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&cookie=ID%3Dcd1d9103141f55a8-223c095b89d400f4%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg&gpic=UID%3D000006b7d91359c8%3AT%3D1655482048%3ART%3D1655482048%3AS%3DALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A&correlator=2110577751545&frm=23&ife=1&pv=1&ga_vid=786912116.1655482046&ga_sid=1655482049&ga_hid=1611899983&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=3191036242&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C44761043%2C31067629%2C31067769%2C31068031%2C42531608%2C31067487%2C31062931&oid=2&pvsid=2619008417580660&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.x8e1tnpbxfhr&fsb=1&dtd=269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E58 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
48206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 02:44:03 GMT
expires
Sat, 17 Jun 2023 02:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E749 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b110ac5ca0bbf39d22d7dcd172ecaa5838ed46f12a20c50b70da4f69f919192
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J1AlHIKrxvPWBot-DTUyXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-J1AlHIKrxvPWBot-DTUyXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:29 GMT
expires
Fri, 17 Jun 2022 16:07:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D672 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 16:07:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E6FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbgNWOIWbV1ajLF6SyaWMv3Azwiarnfof1a5AJ2H-gowYh7jQmRJj38AiN_HVIjB-ZKvFhXmjHQhzytHv87MomTyM4W2ZKqjN4ug2v4Kkch_UuETPIJdKCVh5g&sai=AMfl-YRV-HF0iPZk3WvmSnUeSRATgcWS0U_v_ykh2l1Fq2NDWR5kFypgPk2y7sP9mfvqUonFJk62wX2Z9HAuqKDYpQpmTvD9Ew4thpk&sig=Cg0ArKJSzDZt4bhd7Wb0EAE&cid=CAASFeRoj6GL2pFissLRqZ85UCOZM2R4Nw&id=lidar2&mcvt=1014&p=0,0,90,970&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3326638708&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655482048345&rpt=538&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F8C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=2861684757338419&bg=!e3ileDzNAAbASn8N4Eo7ACkAdvg8Wjdn3kU5PWHpSQi5_pCFxkRs2jyvjLXzJkFdsIdfkmgbI3XyXwIAAAClUgAAAAhoAQeZAvU2voOtf3m5w7LF_0-qzRcpcYenOjwAFSBqWnt3zG_fLEouvcq7u6rYdhlBBAEM6gV3oIE0EawBjfoWcGPZsmRw3j5ymE8xb-ar5EfObPfYvjm5dtHdaXHD_q4keDFXsS0S9kD5ytV9XU8rnUlQD2GLPm5mg6rzReEJWsjPhZjMsMqtnPKcHa6LEn8ufImvviaVUW9uUOeiPdc6mUbJLFB5yqqBjrmjJQqMGIHSdHhg0gYr4OBGqWqy5WYVNx6gEx7ze5c5uOyvhd5JHKfxVwVsxK1VGa01eNYJRRSqlhZ-SN1len5abUxEVBWzYDSpuThvYfwpOYJ7SQWf-x3M4tI0N8FhShs8rnCuf511_NTtQwFMy7DCOQQkDz-aW1-jTx9xqzMj6rwHvgC7lHbeAALlB4cn5L3qdy1JrwwGX2-TUL9bzMDldI1n6nsXoQkhgaRhIPN_prY7SC7pubFNWq9L0WMNDx68SVCAlrEg72zh_oLkFh4dXFRnVC1QWxAaIcsv8G3Jd2BF-XY5xKJzbz6k6Mw5izPKwVHFJZR2h1Y0skOjoUx0hOw7ACch0lZDca_gXFRgByFyP2mFGg1k3MSh-cP_h411pm0_7KWAq1tvdv2jw-YXXxKsg662ObejacQu7bc-QDQR6IyYybfUicHCMRW7KIXlS4k-RUnWet3_VqcnlCvRlj_87cFgGII5x85xsWOpPZAMjmbHVCBDnVQkMrhc0M2Q8z3UVjyRwzmo1p_dsCSWF6MdcEujWxY-0W-LqCe3JT3qNoG8_r2HX1PCoVyh_CJT4W1I-Vna_4ry3MNgcLouk8pEe5VQFYL5N5JUXT8n4X50K9xybEZriun_kYhGWKU0zVFcQRrh-GdZPuVhdkfayu9qKMAhts7LKtU-cf-Gbmi-ZO-2kB27QTLbAikSei87RCtJL8ON_C7wXW5w39mLJoyicyug1etH17M_a6szq1iJvCRSK43Cy0Bj83lmSnscuMmZ5jD4vnC_WmRlIXDP
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2F6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=1040823750251013&bg=!WlmlWR3NAAbASn8N4Eo7ACkAdvg8Wk_XSEiAa9RvcEOfE7qxea3qiZk7FPmFxViLlxwxeuAd4OGsHQIAAABvUgAAAAJoAQcKABEcTei_1mN2zvulv25c35FqtZkCyruWw44jPmeZeREPR6AgFkAbHPMNr9iP8B4C31CcsjekW7HrsJdxPbABnU8VslaEougDj-MXf409lZ2xYNTX5zSUqTXF2TwI1LcndsZCZDxlXp__nFekVFHptvdgp4-XOQtJfoau10x7fEx_x2Ax3ndHDVeJPsXcXbl94Et1KG2nVQK3yhjSuKu3_WxZIFE1jbrQj9uUX0aUTqjGvkKynOZJqCB5ugTOyKc_MGvu-brMpZWVGSQ26HBDqckhZMJavtER3Oz6TadAuuFrGdCIe2YTLYatJmlxLHCYJmsivbn8LjRlPfd7ipt1E8T4CzEa1rZy8RCOMVPUoSBq1k-_urmcnbs1lphnuw-hVaG23DufMLum1wjC3Ktmgrbb0nKVxbMpuURtkfo_qA4wj3iW2pkeKg9xZYjeAsvK0vc_c6h3T9SnPWHKrO1EwMiJWzd83EemWtOBZr1T1gLGVlBqD-hR6hTl4TffH94UJXbn-pDwB4YxSMPF0OsueAP5YWWUW78aiBFs6lDSIDPKE0iW7HWg5K3IXzn5eRZ_Ke4CPOUnS0CsfEm4vqgG6iLeft1ADJAjBukvWZWcriIZ4Rleljbhb1bzpP5W_0hk439HZgFM4JXwahZTSW-_VxuzROMz5Cpx1XiBRppXDNcDs5X4g-elBuIQqnMxthsUCazaoTdiayC1CwoBasSMsJB9MuOi5M717zJMP9vjmIOt_X6iPH8yjAtjlqciNUn0Xw8f7n7B25Yxvh6tyluHVenvsEjW8_LB1Tgo4YSWe7otgdiYYYWzLb8qTiKJH0MnlOtfSgexgdx7C4VMq9m5XjkCjgDdqZ8Bbk66sP7bJHyvytAo9nvmHLr_72ScAvUWmUIZPa7XZr83jcMAUr3n1zdc6CP-kg3HQtHVasoe3U-u2euSADXmmV-U_YKR9KvBtVWsRnHXdfqGencSFyM1Vg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E749 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=947895602040670&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 9E58 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BAA2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
48207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 02:44:03 GMT
expires
Sat, 17 Jun 2023 02:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F82 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f7f0a162513111e5fa747ca6a5c14bd0be2bbd90a6e83b04e834d9bbaa17ab23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JJDkxrDuI39heVK1AHzBpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-JJDkxrDuI39heVK1AHzBpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:07:30 GMT
expires
Fri, 17 Jun 2022 16:07:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame BAA2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
166236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 17:56:54 GMT
generate_204
tpc.googlesyndication.com/ Frame 9E58 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FyU33Q
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2619008417580660&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BAA2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8TxOcA
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A0DB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIZDK7A2TKvarx1NenPuYaVqMmbtPEzIwxwQ-4XVNlI6rX3YcTDTy1sd-vWhSvrFpW5Ts77sP1MnM07pnK-KxXhryCCHYKiK6v3i24zwi7OvcjvH1Dlx4Jwf2s&sai=AMfl-YSbRzJG6nDerERtShlW1BMnk9bLDsm06JOEHxQWmFCxPKg2ZBltIRZzFiMOPQrufXemJGeuai428PgDKA9poCnbN35aLRiyEzzXJJj4W-LmK30yXBR9py-L5lpo&sig=Cg0ArKJSzC-DaDKwwppuEAE&cid=CAASFeRoD9Wl7hTch6BMr4nHjHb-LENmvA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3645501049&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655482049077&rpt=533&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E280 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=947895602040670&bg=!ERKlElbNAAbASn8N4Eo7ACkAdvg8Wnu-KJmju5pqibI7GCB8dR98PxMK5stJi145lcSY3E60zE2JNgIAAACvUgAAAAJoAQeZAuKho0TLIl4R5UhKK370iVOO1EgT8nR3J9yzKP9x6CkrX-gnD4_k1LsIPY70KLqe3ycNZ0QzHvQDNikgygfW5yRFuIy84oa251zKCGYT-0K_hR9_J760Mx8as2sYWHiqUxCYzkHV9d0IqonsKK24eriUBIFAMZ_Qyo116fr2CmfdFwVhILZhHclWWF-DcO24X74WSO2rtV5DzmaKrzJV1e_sx4cYZjPWYMJw-sDsV18FSHbhuAR3h4t2FXC-eT_QbMxq5f-Tdlj-MMJRCbNtMJ9k9m1txdQlHSK3_Iob4_zBOTzFv8I5kZhKbPmrKnmeBu28wE7eva_xpLQIjI9k0cwvQDdwU-nIBG4Mq96k0kvQEUzHET3fCmRgfguJTM1uerWBGQjfumkBhYkkOM1JYCblzcvpdXbEye0zRceNzLR9kYZcCng0sPo6eFt07oseNXmpyG2Xtkcr4-bL8ykrOIvb_LQrRnnlXtD8S-RrUasMJpTwUGkDdgJRAVhEUrC0qDCNw2HV969Ph5Rl46nmglrJylwLCkcQa6iYNAFCaQz10uz6uHwK8puw0idEdYH7bhq8ZZ7gwTBNZ7sQ9DhlbA6GKDaBQRX1Hby40EH-QPmHjI3nckIr2GdBo3b_25L4Xua4tomtCx9Nm8zMpUjUZYBzRPdLaQpCCEshpdKYPdCG2tDgWYhW57eUvFJHEUtI9pDbE-VKKe0hFqL6b9cPTD5Z4oNoSlfxXCO14E_QlmiLVc4vk4vTGewH8wFgmmFz9ol1LZa0v0UzAFSnqHnRov6S1XFwF73xZlZx0YTRPHW8_-XoWrvRl730-91PP3hFGpsnBLJ-vwX3qMwY9F_Cj8Ow31S9WANi7wV9bSWfmXLqSLOvkmDMWoGgTNj2qX05hbvceWT3OaZpE9YCGTDy0DDODq41Ajok1dS6N4c_5HRsDOoC9CwOGNm5zcDoLTZk2X3NYlCjgL8Ypn3aMjwL6CNRGSI
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D672 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2619008417580660&bg=!QUKlQgbNAAbASn8N4Eo7ACkAdvg8Wjweuuwwe-ZSbP1eE624w56IWVnCCslGfNXSRch3qr6478sYRAIAAACHUgAAAAJoAQeZAvyDMn-PzgJj6BQKOCWePZFQG286_sub9MSYV5IXbSG66oSmD2bawnm4_M0zVkVp54QjOt24SpnWSjgxFock16iFciKdLh7NgX4jdQDnEseJGAfT36Xoqo_4yAPuFwyvZHMKE2ti8uiGB2i4T_OBkvtqsmhcta62rAlCCZL-s9vUStbjS2frwGrnlWCzBAYrfnRvRkKDNqXR49THcbuBYwWCnpck2SoTkgkMas3nQeJiOLbX7vDCDi_PqUwvp1KRcgYWTQBV1jKUTn222M_xHuFgnw9KJwuAQtvnAewMwYFlJKnZmBY7WazFLTnnNSWo91VjhuKOTsclfIRDwTc-jYe7a8fbaCFY3bzOwT-6wu0w2Dk10eLvH8mXeK-ujRTjz4i0Diw4cTcl0NpHhKVj7e3NQCfLIN3RZjCwepexqFV9c1twiNHdwEMNcsqp03Z4Nd7D0X8cdIvRsmegPWQEe9t4m0W2u8kTlSqRzUETboj4MhL3Mg8-bYBlDDViJZFpfPaTsc-LfNfAQOvM34ZcoZlki4ArwiwHLKtJGc4m_C2yEleMyIc4XDlNXy4gPcciBmKUCgNb0dUu-qIPnEETy1TnPopUFOjSec5AZ46bhYXBAMVG4Njv4iy1JQuPWC-qOlgYXS02wjt-Tp39fqdFhLZI1HYcXq3pfUbuDBle7_kixEQ7UbuTyjRT5cVd1opylESwzs-JS9v-PGuCLgsdRmE08LwILNFfbDpusT3sUYz0WudUeZYu-oWF3WXFDgVoRKGStWA3rQBSM1zo7UBAv9i-YhqZElOugaEWN5EyFomT-mLksptSoxM-FkNkIKqSe57uCIc8774KALx-R5GbTcbPCdwBn8cxvHpl-U6vfbRXoFDW0DpC7DKjA3ggMg0MuyWHwMefvXll6dNqv8TJWcZPzQaBEmzvPKozKk1pe3y9OXeWc85gmJqkKGTRcMz6lq_EbqGnp5OTkjsxvfQZymqob9H6xl_XzN5bsliijrO4t_GSTmfRJqfsHkxBMg
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame C0AB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=OpOfzXxpRVRlR3VSR2NKRFVXK2tYcWRibFRUMGYwaDVuVDN3SkI5V0I4ZDNxaFpiMXB1QXkzd0VJTFFEb3lJejRhamFkRmNHbjJ6TEJqL1h6c3VyMjY3VGMwWHdFZ3ZpNDlhcmxob0pZTEUwNE0xbXBHTjM1ckttazBETm...
419 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OpOfzXxpRVRlR3VSR2NKRFVXK2tYcWRibFRUMGYwaDVuVDN3SkI5V0I4ZDNxaFpiMXB1QXkzd0VJTFFEb3lJejRhamFkRmNHbjJ6TEJqL1h6c3VyMjY3VGMwWHdFZ3ZpNDlhcmxob0pZTEUwNE0xbXBHTjM1ckttazBETmI1bHhlMFdHcE1YNW5HY0dmVllKWmIrYW12Nko4aEg4Z1g0cGpzZjNOOThMQy8xSWdsOHErYXFpVlZ5U0lzdXY5SFRqQjFBTEdWZ1Q0cElrVloyMTM3aWxuYy84ZXJ4dkFUck5Qc0pSN25LNUVtaGZRVWM0UU5xcFI4TDNzM2tubzY0QmdkbEcvelYycHExbXQ4RGtvWEV6bmk0Z2pURjE4bGVUNDd0UzBTTloxVE51VEdqST18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
4ff2e9a7b3af25497405528b62789853402483c86dd022d871ef2a214ae7e81b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2860
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
location
https://mug.criteo.com/sid?cpp=OpOfzXxpRVRlR3VSR2NKRFVXK2tYcWRibFRUMGYwaDVuVDN3SkI5V0I4ZDNxaFpiMXB1QXkzd0VJTFFEb3lJejRhamFkRmNHbjJ6TEJqL1h6c3VyMjY3VGMwWHdFZ3ZpNDlhcmxob0pZTEUwNE0xbXBHTjM1ckttazBETmI1bHhlMFdHcE1YNW5HY0dmVllKWmIrYW12Nko4aEg4Z1g0cGpzZjNOOThMQy8xSWdsOHErYXFpVlZ5U0lzdXY5SFRqQjFBTEdWZ1Q0cElrVloyMTM3aWxuYy84ZXJ4dkFUck5Qc0pSN25LNUVtaGZRVWM0UU5xcFI4TDNzM2tubzY0QmdkbEcvelYycHExbXQ4RGtvWEV6bmk0Z2pURjE4bGVUNDd0UzBTTloxVE51VEdqST18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1310
content-length
567
expires
0
cm
c.holmesmind.com/ Frame C0AB 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:30 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame C0AB 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:30 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame C475 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXJnqyKy_X59nkJr5V045yUnNDV9IilO1VrfuXsy-Sr4vPaECSijd_zPF97ZEeIaIxUSaBzavh4MZHJvxCc4p3PNZ4eZmK81hZErUW9Dvz8sb3PA6cyuO-ndOE&sai=AMfl-YQ_BNPFmbH8q_QrnM6Zgw0nOWsBq2lNIi_Cfg2kRz5g1sZmCwpeG1L1jhVOpgSAYm-HM2-pRx4Zpf9UyFqxmqrWxPYz9X4adAqb18qtXJ2JLPm9qb2KhdlRZzxA&sig=Cg0ArKJSzB6_vd1edipVEAE&cid=CAASFeRop234sVQ3IDqoraDbxIQ6CGAiRw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655482049235&rpt=565&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:07:30 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
941
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OpOfzXxpRVRlR3VSR2NKRFVXK2tYcWRibFRUMGYwaDVuVDN3SkI5V0I4ZDNxaFpiMXB1QXkzd0VJTFFEb3lJejRhamFkRmNHbjJ6TEJqL1h6c3VyMjY3VGMwWHdFZ3ZpNDlhcmxob0pZTEUwNE0xbXBHTjM1ckttazBETmI1bHhlMFdHcE1YNW5HY0dmVllKWmIrYW12Nko4aEg4Z1g0cGpzZjNOOThMQy8xSWdsOHErYXFpVlZ5U0lzdXY5SFRqQjFBTEdWZ1Q0cElrVloyMTM3aWxuYy84ZXJ4dkFUck5Qc0pSN25LNUVtaGZRVWM0UU5xcFI4TDNzM2tubzY0QmdkbEcvelYycHExbXQ4RGtvWEV6bmk0Z2pURjE4bGVUNDd0UzBTTloxVE51VEdqST18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:07:30 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
865
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:07:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
957
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 35F7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=epaF43x5YmE3c1FxTDRBM1pqaFVYUVVtb0F3a2FyTk9JaTF4Tk9yZGlNWUh4NTJVSUdkaXFNaEJzZ0tPU2pwSlJNSXMwK1lWbzRhWEZtNVhxYTIzQllJaTV2ZzB5VU5BQXVHdktLQU83MjIwOTFFY3hpQkF4TGEyZXZ5TF...
403 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=epaF43x5YmE3c1FxTDRBM1pqaFVYUVVtb0F3a2FyTk9JaTF4Tk9yZGlNWUh4NTJVSUdkaXFNaEJzZ0tPU2pwSlJNSXMwK1lWbzRhWEZtNVhxYTIzQllJaTV2ZzB5VU5BQXVHdktLQU83MjIwOTFFY3hpQkF4TGEyZXZ5TFpXN0dpZzkvbThSTjBTSjVvSGN5elVrL3dHNjdmRTZ5V1ZuQ3cwaEFneFliMnJsMVdGaTZUY1NFajFMUGU2T043UGRKMTdYcmpCL3V2U1QzTUwzKzFCYk81akEwV0hZRlU2Y2JmNkJVNkt2MVhEcnhXMUZCdHNGVG82MmVGUEFDcGxnZEtWVk9XZW5rODNuMlpYRjFJUm5VN2pHdlYwUjRmcSsvenNpL0lZeXlDdjAzbHNpWT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
7d4dccba6a6b678ad06f9b135ffb8568bb6051332e2bb4c321f1e1d0cae83e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2828
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:07:31 GMT
location
https://mug.criteo.com/sid?cpp=epaF43x5YmE3c1FxTDRBM1pqaFVYUVVtb0F3a2FyTk9JaTF4Tk9yZGlNWUh4NTJVSUdkaXFNaEJzZ0tPU2pwSlJNSXMwK1lWbzRhWEZtNVhxYTIzQllJaTV2ZzB5VU5BQXVHdktLQU83MjIwOTFFY3hpQkF4TGEyZXZ5TFpXN0dpZzkvbThSTjBTSjVvSGN5elVrL3dHNjdmRTZ5V1ZuQ3cwaEFneFliMnJsMVdGaTZUY1NFajFMUGU2T043UGRKMTdYcmpCL3V2U1QzTUwzKzFCYk81akEwV0hZRlU2Y2JmNkJVNkt2MVhEcnhXMUZCdHNGVG82MmVGUEFDcGxnZEtWVk9XZW5rODNuMlpYRjFJUm5VN2pHdlYwUjRmcSsvenNpL0lZeXlDdjAzbHNpWT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1246
content-length
567
expires
0
idSync
sync.aralego.com/ Frame 35F7 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:07:31 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cm
c.holmesmind.com/ Frame 35F7 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/g2emzn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:07:31 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=epaF43x5YmE3c1FxTDRBM1pqaFVYUVVtb0F3a2FyTk9JaTF4Tk9yZGlNWUh4NTJVSUdkaXFNaEJzZ0tPU2pwSlJNSXMwK1lWbzRhWEZtNVhxYTIzQllJaTV2ZzB5VU5BQXVHdktLQU83MjIwOTFFY3hpQkF4TGEyZXZ5TFpXN0dpZzkvbThSTjBTSjVvSGN5elVrL3dHNjdmRTZ5V1ZuQ3cwaEFneFliMnJsMVdGaTZUY1NFajFMUGU2T043UGRKMTdYcmpCL3V2U1QzTUwzKzFCYk81akEwV0hZRlU2Y2JmNkJVNkt2MVhEcnhXMUZCdHNGVG82MmVGUEFDcGxnZEtWVk9XZW5rODNuMlpYRjFJUm5VN2pHdlYwUjRmcSsvenNpL0lZeXlDdjAzbHNpWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:07:30 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
873
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
prebid.scupio.com
URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8845215351434248
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| fbq function| _fbq function| Vue object| renews function| getRenewsFeeds string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger string| adUnitType object| Scupioads function| hasOwnProperty object| scupiosdk number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ElandTracker function| stfpjs function| cookie_mapping object| criteo_syncframe_state object| ucf object| ucfad_async object| request string| paramsString object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

58 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga
Value: GA1.2.786912116.1655482046
.reurl.cc/ Name: _gid
Value: GA1.2.926089554.1655482046
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1655482046495.450889844
.facebook.com/ Name: fr
Value: 0QuG53uqM3m8clgC0..BirKa-...1.0.BirKa-.
reurl.cc/ Name: CFFPCKUUID
Value: 7104-kEv4HoaWUz5fMGcltR0CWfdUjRReCXBq
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 3731-vPUeODj98JoAJgPXNx4WMh0KtugmS6je
.hinet.net/ Name: uuid
Value: 326a92f5-0ecc-4712-8e90-a746670bd85a
.c.appier.net/ Name: _auid
Value: Img4TYavAbeLdrRfvqasYg
.holmesmind.com/ Name: P
Value: 677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri
.holmesmind.com/ Name: Vision
Value: 20220618-23:59,20220618-03,20220618-03,20220618-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: __htid
Value: 326a92f5-0ecc-4712-8e90-a746670bd85a
.reurl.cc/ Name: _ht_em
Value: 1
.aralego.com/ Name: sspid
Value: 8b541bef-aaf2-3c99-b3f3-b618f163e0d3
.reurl.cc/ Name: _ht_50ef57
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmrsuxSimI1FGNCHMRukU9UOmlxLdCxUcV4Pfhd8NKcVWdysHTuIt4eXeBWuAQ
.reurl.cc/ Name: _ht_hi
Value: 1
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.scupio.com/ Name: OrgKeyValue
Value: CBA2022061800072769472
.scupio.com/ Name: gx
Value: H4sIAD8XrWIA%2fxNmYGDg4uZ4s3fa%2fA0LX1gJsAqxcNgLMAEA6jsu8RcAAAA%3d
.lndata.com/ Name: admckid
Value: 2206180007271597571
.scupio.com/ Name: gxc
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBMCmrGICEB_zkYM8avKyQZbBFVSifGMFEgEBAQH4rWK2YgAAAAAA_eMAAA&S=AQAAAg_tnneYftARH8BuiT1c8n4
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.criteo.com/ Name: uid
Value: 6af7e9e7-f359-4ed9-a939-0422324e79f1
.reurl.cc/ Name: __gads
Value: ID=cd1d9103141f55a8-223c095b89d400f4:T=1655482048:RT=1655482048:S=ALNI_MYSJqCiJL5xOcz-1Y4ouSmBJF8Asg
.reurl.cc/ Name: __gpi
Value: UID=000006b7d91359c8:T=1655482048:RT=1655482048:S=ALNI_MZfLvKyJ5aeUjEBcld3lYFOu-Pe1A
.adx.io/ Name: _id
Value: c21a146b-58fa-43b2-9f91-60da8f91242b
.adx.io/ Name: 35CJa4376-vp
Value: V-c21a146b-1655482048392
.adx.io/ Name: 35CJa4376-view
Value: V-c21a146b-1655482048392
.adsrvr.org/ Name: TDID
Value: dae57b52-d5d7-4869-aa3e-8bb8f7638a71
.rlcdn.com/ Name: pxrc
Value: CAA=
.rubiconproject.com/ Name: khaos
Value: L4IN9NU3-1Q-QU
.scupio.com/ Name: rubiconid
Value: L4IN9NU3-1Q-QU
.turn.com/ Name: uid
Value: 2788052936898906557
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YqymwAAJn7V91AAo
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6f2dc63d-4bb8-421e-81d6-578a3c04ffd2"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2374:u=1:x=1:i=1655482049:t=1655568449:v=2:sig=AQEH5VjqP54LVqvjjX3cb0B_DIGuXzP_"
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EA0BCQGzJoEA
.quantserve.com/ Name: mc
Value: 62aca6c1-96926-9ef8c-4f119
.adform.net/ Name: uid
Value: 6740897325268892900
.w55c.net/ Name: wfivefivec
Value: RnNrXAIJ1O2evn5
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCIDIx6awoeg6EAUSFQoGZ29vZ2xlEgsIzqyJsrCh6DoQBRgFIAMoAjILCNi8udPGoeg6EAU4AQ..
.w55c.net/ Name: matchgoogle
Value: 5
.adkernel.com/ Name: ADKUID
Value: A4271139033187229400
.tribalfusion.com/ Name: ANON_ID
Value: a0nseFS3n0hryoxDnW6Zb03kHBeVh5yy7UPZaUaxQCeSa3NZbCdTHZbSZb4mGZd7bxmiv8WZcPc0QRr6QNZdEEDFIOkB
.amazon-adsystem.com/ Name: ad-id
Value: A-K6Mtt_hEvPvq85AtCE8d0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.torchad.com/ Name: ADK_EX_309
Value: 1
.torchad.com/ Name: ADKUID
Value: A4271139033187229400
.rubiconproject.com/ Name: audit
Value: 1|SyVhFah79XCLOcc9hr4EkMVtViOC8OcOnrugE9TxQIKuYhAoxminfz5UtZZ08wNei/UUZoZYnk/Lv0ZnN1+t0Vm3DUAyuHnL

4 Console Messages

Source Level URL
Text
network error URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45621%26Tags%3D2004%2C2003%2C2002
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D44624%26Tags%3D2010%2C2009%2C2004%2C2003%2C2002%2C2501%2C2502%2C2510%2C2539%2C2628%2C2592%2C2133%2C2306%2C2921
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45583%26Tags%3D2364
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D677187-9ffYxSRHe0XFix9E6v2RdCijNl8xZyri%26SID%3D45589%26Tags%3D2004%2C2003%2C2002
Message:
Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

326a92f5-0ecc-4712-8e90-a746670bd85a.t.ssp.hinet.net
3e6c085bc3e9c8aa950c750c3b3e7a4a.safeframe.googlesyndication.com
721a07cf651cd11c1403a4c6154c2314.safeframe.googlesyndication.com
8d109ada65db6ecc00f2ce3191c4ab87.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.holmesmind.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yahoo.com
ads.yap.yahoo.com
adservice.google.co.jp
adservice.google.com
agent.aralego.com
ajax.googleapis.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
c1.adform.net
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cm.lndata.com
cms.quantserve.com
code.jquery.com
connect.facebook.net
creditcards.com.tw
d.adx.io
dsp.adkernel.com
eus.rubiconproject.com
fcm.holmesmind.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
id.rlcdn.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.ads.linkedin.com
r.turn.com
rec.scupio.com
reurl.cc
rtb2-useast.torchad.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync-tm.everesttech.net
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tp2.beap.gemini.yahoo.com
tpc.googlesyndication.com
v9999.adv.admeme.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagservices.com
www.gstatic.com
fcm.holmesmind.com
prebid.scupio.com
103.132.192.30
116.50.36.71
13.115.228.100
142.251.42.130
151.101.66.49
172.104.70.67
174.137.133.49
18.141.122.100
180.222.102.159
180.222.102.162
182.161.74.11
182.161.74.18
185.84.60.30
192.0.77.2
192.0.78.187
192.0.78.244
2001:4de0:ac18::1:a:2a
2001:df2:a300:bbbb::135
203.75.214.136
209.58.188.181
210.59.219.175
210.59.219.180
210.59.219.181
216.58.220.130
23.10.15.201
23.108.102.145
23.36.110.226
2404:6800:4004:801::2002
2404:6800:4004:801::200a
2404:6800:4004:80a::2002
2404:6800:4004:80a::2006
2404:6800:4004:80b::2001
2404:6800:4004:810::2001
2404:6800:4004:81c::2004
2404:6800:4004:81f::2003
2404:6800:4004:820::2002
2404:6800:4004:821::200e
2404:6800:4004:823::2002
2404:6800:4004:826::2003
2404:6800:4008:c13::9b
2406:2000:a4:9fe::
2406:2000:ec:c38::2001
2406:2600:4::1
2406:2600:4::b
2406:da18:929:5a03:84c0:247d:fa50:b665
2600:9000:20c4:5200:1e:5c56:d400:93a1
2600:9000:2142:a600:3:1794:2540:93a1
2600:9000:21c5:de00:0:e06c:e940:93a1
2604:9e00:1:129::2:a01
2606:4700:20::ac43:47fe
2606:4700:3032::6815:43a6
2606:4700:3034::6815:6009
2606:4700:4400::ac40:98f5
2606:4700::6810:5714
2620:116:800e:21:a878:7c6e:cf7b:3362
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
34.117.219.39
34.149.98.30
34.233.78.253
34.96.119.68
35.185.130.121
35.186.215.140
35.190.60.146
35.201.76.93
35.227.249.156
35.244.196.223
35.71.131.137
52.197.44.129
52.94.220.185
54.95.78.196
64.120.88.131
69.173.158.64
8.39.36.141
99.84.133.93
00629ef727c6c2f00185d9f431d757ffe961a78ec9296f04bde3245b0e56ecf0
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
045be4a1a062e1ceb58f55f537f93d2e4880399caf6162fc6b1345221bf678d9
04f0f93f007d9103ccfaef78ce73bb86e42b9282e2bf344549e28d7e24782f99
082874b95cc4ebd30b667caeb6f78b8225dfde0dbc845e73c8f900df1f0a4f47
09533e9658b31fcb79764178f8e7e9df7e1c36a7dc7bd22b5fa87e2da89a56d4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
13ace3000c230275163af5eb27c262bc3788baa569bd5f4ebf8acdbc9b368650
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c1547b27c7059290d957e250ad953577b773a454539ce131ac458d799f351e9
1cddd2f3bf51045989834d533d896d5c5da9cde5dbe21e090d75d6b18d6de6f4
1e96d23570a21ae41a9fe619cd1040aebcdab437456cf7fbd47c86fcdc9614b2
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
208878377787f29d5b87c427eedcb0ca4526f2518a21d3ee3bd4b7d171100373
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
2347e2113a0c6d4f115bcbeb6ae2982be9b2299fb0e333933dd5d7530d63b71e
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2aa65cdcee2804205f727bd2f93c083aa85fed1780ceefaa21888d8426f81517
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4da540a6f02bdd62269ea01977f3c4da4f572325a590a269ffce452bec97ad
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36636efc3cf08e080d1af975d786696ced3faa0a26698e342273a59c7fb6fce5
3678e4c02c618f289eabef48601c5dddfe929667fbd20ea0e6d28330eed92c7b
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d
38cc1c95c970875eb071034931ed3c6e9ebae36ea721f2f3730680e7ec52d0d2
3c2ce0bd12b587903a248ece85f206edce1be97a63e44d73fea99ecca3ed23ed
3c5dd02cd4b4e5889f6b3efe5faccfbae53695ff00ba9c6df48a41e03a018348
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b
43d6370e6b392c8c511eb8ca2703063e0ad6cac53a634140bddd81fcaa50da81
44badecd3372f286127a29db7e649744bdaa8107bb35d781e3b639b3e301439d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450ec09142b8012915afafc33e1253f5c6abf4f6a95d866065a85be31536557b
4733409211a7a3d3d490f107d6e5b846263c9a8697a10b288f49230422b41860
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
47d92c8e587564fea7a58a22e3e8401d777acd4c45fca730aca148ca1fa0d43d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49208d22ed999fd361d3061398d38da0b539ea359a74ed244750fabc39b9aa0a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49547399d2369e256e4a382cc86160c97c12e7a0a424909c0e5c6e2054a9b6fb
4965e628910cd80db300c17e9536852cb53d1568c0408dd83abe94089b6eab58
4b110ac5ca0bbf39d22d7dcd172ecaa5838ed46f12a20c50b70da4f69f919192
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ff2e9a7b3af25497405528b62789853402483c86dd022d871ef2a214ae7e81b
520b8c61807a32b7cc9e77128c402f045ee331ecb146384fb8794566907bf8f4
52f21cc85b232b7e095e7998cac1a47ff64f9b8e3a78983f55537f32daebd5f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5a2f169c0118db161e991c2ffca1d9462c96d79bef4154f793e810c6f2fc73d8
5b5c859910a0da0b091abe462b45e0d31b6a54a4c73b3097bb2de2f3ebc4ba10
5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a
5e52d5204589af77161833ce0005eb341a93b9a7792a782c15a357aa1b3d47ac
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645416625bb68f40ab5c7c7039299caff221393345373dbd7e7be56576dd8c14
65270abb587a4a940d5e95391923a39c85fe155383bdada55710eba9084f0c24
65a159c44ac6cdc262e35d6a4580f118c6e692a565996030b37b15b322a9336c
66891331032bd7649ebc329796d03eb49b9fb1be69d5294f16ae5437971a731b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68c3cfb9082db58a07869eddf20b19d8a97f9578ac15f1801326c0fb80c2f0c8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cbe12faad98d8b75965e41ff4037cb368597f121df1075a3fbcea18834201d9
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
6fce35edd0815a2e58012d32a73f15c07376a2e333793766dcbb73ec43ec6a29
7a86fb6d51f497e09b74eec51961bd595f5b274d89c2a6062fdb7a310e3109dc
7bf528dd37626af27909bf86bb650268d92c3127f617caba9bea5295fd281b99
7d4dccba6a6b678ad06f9b135ffb8568bb6051332e2bb4c321f1e1d0cae83e2a
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58
8015ce43c26e3e1e4854a7c2bc17a66aa1daad9425701373176ae4a7ae93a806
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
86185bf6f2b752cf4fb4c3fe4277831a5e00feaadabc6d60c678de3a8f24ae57
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8fc8e944f208bbdd19ac247e3154faab0c8424100a961ee7bea0afe7eb1dea68
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
9507c82f63728034db45af7acd453276bfa6185dc77051a1c9ba4e832768decf
97d14380639620ef5bc198e20ed2fa2cafb62cfb343d7b9e88cf294f9155407d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98d50c36c1bdb00396a07b55d2e3d42141149a3e1f0859514d664454c9c7ad38
997b452c0f83d518b4d5bcdefdf891f4ea8d92c536fd8d068cf10dcd804e9f04
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a2048cfb877852f26b5f7837be5580564370ced967664ed1319a5675a6d2b155
a2eb1d8b99f9627d9144ef66506ef6d858162d01f23a3f768a8695241d563ee4
a3e9505934fb894a88dbea3297bd5273091adf2aa3d4c42d7b6552a18707c21a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84e18f7c6d146ce37634fb2c239ec05ee278cadcc1daec3372b993c61bdab33
a909c962d82e3f05fbdf8a756850a48561c092348b29fb3ec30b5ddd74796894
aa4c45af33f1bc0382f53c7107000abc7181825ecec5c1013b5d8b060d32fb03
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4226fe5329d5e56744ae24b393cb8a3a8ab895661b294972bd516cd388e0f0d
b987f0debfc54bd4a3064058474da6f8423c9d1ec4966e3a3ba0fdeb942f67d1
bd7fc0a8c2a44c5aac91aad44a890b85bbb77c9cca75f415e97c8c62546e359d
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c358f8c4870cf6304d9602dcea077dc1f2bd8836c38e539a3b3697088ccd3818
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d
cc83472d1c276ec384a4efb40f6ea35e6fe0cefe390da3b5125c53a547d6a3e8
cc8e6baca99f4ec168c13266a5e9a3cb77e70f91576357675d9bc609f20a9778
ccacf2032850044551455acc1d8c083604b61957218bf8445957eec32997d201
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a573bb767c66bda639eb551f06915679d77c34e2833f2b59c780adf43c6da6
d17f29657ca9442ee39565b481c0f68e783c1dd99767da74eb872f7228b05aa5
d2e31a1e3b6873caa1a5d66dba90568ab55b9362d642c2a36847066633d62ff4
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
d529b5d90e70fae0b1bba85143c7a1597386470b10768c06218dcc19c6c0660b
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d6186e9d2b7599c0a347cc8222cdfe3b1e558cd72b9f9b03f54439c628ed70d1
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
da076f88d3f490de57a5046572600104a042b3ad46f7eb18b87489e980ac9b45
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
df84f7be123672ec0dc04b526561de9c771fc6850852da99cc9cd1c78d0830c3
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9edf115bf3ab4ef7ec524ed24617e32bd83298e0d4882f424d967943c048273
ea87ad73980f7e84e1acee272ec3670ec326915623996fd4ae66e4c01092d67d
ec932c455eda11443b2dc60e323f01a43a8a93eeb5bb281460f90e900f15151b
eec2885f3673c133670a3397098ddc5773a3302be966e24a237f7af765eb466c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f566849369b47907013f185c5f26ada819725f6ec5c52bc7bd5fd4be0c9d47f5
f5ac216aafa093b7d5509d64c083cbfd67e9ce7117c1544013502142e40503bd
f6112d177769247bc1aa3251ac4021f15714c9f7ae1da34b71ee36b52b085395
f7f0a162513111e5fa747ca6a5c14bd0be2bbd90a6e83b04e834d9bbaa17ab23
f9ca190e54d9f4c4f4d8ba20a8100aae79ae3f11ae6f11f179dd1a53ccae1bd9
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf