reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 09 via api (December 9th 2023, 10:12:33 am UTC) from JP — Scanned from JP

Summary HTTP 394 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 90 IPs in 6 countries across 67 domains to perform 394 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
5	34.149.98.30 34.149.98.30	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.65.55 151.101.65.55	54113 (FASTLY) (FASTLY)
1	172.217.175.72 172.217.175.72	15169 (GOOGLE) (GOOGLE)
1 25	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
11	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
62	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
3	142.251.42.206 142.251.42.206	15169 (GOOGLE) (GOOGLE)
1	34.117.23.234 34.117.23.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.21.96.9 104.21.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.239.194 104.17.239.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	61.216.47.122 61.216.47.122	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.149.120.3 34.149.120.3	15169 (GOOGLE) (GOOGLE)
1	13.33.174.24 13.33.174.24	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
2	74.125.23.156 74.125.23.156	15169 (GOOGLE) (GOOGLE)
10	157.240.209.14 157.240.209.14	32934 (FACEBOOK) (FACEBOOK)
2	142.250.207.14 142.250.207.14	15169 (GOOGLE) (GOOGLE)
2	142.250.198.3 142.250.198.3	15169 (GOOGLE) (GOOGLE)
4	182.161.74.1 182.161.74.1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.65.185.16 18.65.185.16	16509 (AMAZON-02) (AMAZON-02)
4	142.250.196.129 142.250.196.129	15169 (GOOGLE) (GOOGLE)
1 4	172.217.161.68 172.217.161.68	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.255.159.219 54.255.159.219	16509 (AMAZON-02) (AMAZON-02)
1	18.172.52.87 18.172.52.87	16509 (AMAZON-02) (AMAZON-02)
5	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
4	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	142.251.42.129 142.251.42.129	15169 (GOOGLE) (GOOGLE)
3	142.251.42.202 142.251.42.202	15169 (GOOGLE) (GOOGLE)
21	143.204.126.52 143.204.126.52	16509 (AMAZON-02) (AMAZON-02)
18	142.251.42.161 142.251.42.161	15169 (GOOGLE) (GOOGLE)
24	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
6	23.61.252.83 23.61.252.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.65.185.12 18.65.185.12	16509 (AMAZON-02) (AMAZON-02)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
8 18	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	211.120.53.203 211.120.53.203	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	99.84.133.14 99.84.133.14	16509 (AMAZON-02) (AMAZON-02)
4	143.204.86.97 143.204.86.97	16509 (AMAZON-02) (AMAZON-02)
3	142.250.207.99 142.250.207.99	15169 (GOOGLE) (GOOGLE)
2	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
3	52.192.8.212 52.192.8.212	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.196.195.198 52.196.195.198	16509 (AMAZON-02) (AMAZON-02)
9	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
6	54.95.167.198 54.95.167.198	16509 (AMAZON-02) (AMAZON-02)
1	13.32.50.115 13.32.50.115	16509 (AMAZON-02) (AMAZON-02)
4 6	142.251.42.198 142.251.42.198	15169 (GOOGLE) (GOOGLE)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
6 12	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
6 6	139.162.78.222 139.162.78.222	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	34.149.43.113 34.149.43.113	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
2	2.18.148.226 2.18.148.226	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	23.195.84.51 23.195.84.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.112.170.251 3.112.170.251	16509 (AMAZON-02) (AMAZON-02)
1	23.204.139.138 23.204.139.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.196.106 142.250.196.106	15169 (GOOGLE) (GOOGLE)
8	52.54.58.110 52.54.58.110	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.199.99 142.250.199.99	15169 (GOOGLE) (GOOGLE)
1	103.229.10.247 103.229.10.247	16509 (AMAZON-02) (AMAZON-02)
1 1	34.142.175.23 34.142.175.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	124.146.215.2 124.146.215.2	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	54.254.21.143 54.254.21.143	16509 (AMAZON-02) (AMAZON-02)
9 14	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.199.253.73 52.199.253.73	16509 (AMAZON-02) (AMAZON-02)
1 1	184.27.20.221 184.27.20.221	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.195.85.83 23.195.85.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	139.99.63.224 139.99.63.224	16276 (OVH) (OVH)
2 5	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
30	157.240.209.8 157.240.209.8	32934 (FACEBOOK) (FACEBOOK)
2	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
5 6	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2	172.217.161.34 172.217.161.34	15169 (GOOGLE) (GOOGLE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	67.220.228.203 67.220.228.203	16509 (AMAZON-02) (AMAZON-02)
2 2	54.250.210.41 54.250.210.41	16509 (AMAZON-02) (AMAZON-02)
1 1	18.65.207.98 18.65.207.98	16509 (AMAZON-02) (AMAZON-02)
1 2	18.65.185.99 18.65.185.99	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	131.153.206.102 131.153.206.102	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1 1	54.146.33.131 54.146.33.131	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1	23.204.139.141 23.204.139.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.77.5.102 52.77.5.102	16509 (AMAZON-02) (AMAZON-02)
2	142.251.166.120 142.251.166.120	15169 (GOOGLE) (GOOGLE)
394	90

1 35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.175.72 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.196.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.42.206 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com

asset.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.96.9 (None, )

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.239.194 (None, )

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.120.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.120.149.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.174.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-24.nrt57.r.cloudfront.net

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.23.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 157.240.209.14 (Osaka, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-itm1.fbcdn.net

scontent-itm1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
external-itm1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.207.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.198.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-16.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.196.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f1.1e100.net

124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.161.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.255.159.219 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-159-219.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-87.nrt20.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.42.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.42.202 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 143.204.126.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-52.nrt20.r.cloudfront.net

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.251.42.161 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.61.252.83 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-252-83.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-12.nrt57.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.251.222.2 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.120.53.203 (Japan) 2 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.133.14 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-14.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.86.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-97.nrt12.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.207.99 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.192.8.212 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.195.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-195-198.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
16aaa93f-db19-42f2-9a72-2b9804af13a1.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.95.167.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.50.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-115.nrt57.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.42.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.190.36.98 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.162.78.222 (Tokyo, Japan) 6 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1558-222.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.43.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.43.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.148.226 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-148-226.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.195.84.51 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-84-51.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.112.170.251 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.139.138 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-139-138.deploy.static.akamaitechnologies.com

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.106 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.54.58.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-58-110.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.199.99 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.142.175.23 (Singapore, Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.2 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

gdn.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.254.21.143 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-21-143.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 8.39.36.142 (United States) 9 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.253.73 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-253-73.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.27.20.221 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-27-20-221.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.195.85.83 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-85-83.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.63.224 (Singapore, Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: ads15-sgp.stickyadstv.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 157.240.209.8 (Osaka, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-video-shv-01-itm1.fbcdn.net

video-itm1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.39.36.141 (Los Angeles, United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.161.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.203 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.250.210.41 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-210-41.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.207.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-207-98.nrt57.r.cloudfront.net

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.185.99 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-99.nrt57.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.33.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-33-131.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.143.106.89 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.139.141 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-139-141.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.5.102 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-5-102.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.166.120 (United States)

ASN15169 (GOOGLE, US)
PTR: gl-in-f120.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-itm1-1.xx.fbcdn.net — Cisco Umbrella Rank: 231760 external-itm1-1.xx.fbcdn.net video-itm1-1.xx.fbcdn.net	3 MB
50	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 pubads.g.doubleclick.net — Cisco Umbrella Rank: 414	451 KB
46	googlesyndication.com 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com	235 KB
38	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 132288 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925 fcm.holmesmind.com — Cisco Umbrella Rank: 210108 fcm2.holmesmind.com — Cisco Umbrella Rank: 154750 c.holmesmind.com — Cisco Umbrella Rank: 107592 m.holmesmind.com — Cisco Umbrella Rank: 190604 ad.holmesmind.com — Cisco Umbrella Rank: 104322	252 KB
24	rubiconproject.com 16 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237	29 KB
18	appier.net 12 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 52931 gocm.c.appier.net — Cisco Umbrella Rank: 2197	4 KB
12	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 923 cdn.flashtalking.com — Cisco Umbrella Rank: 1337 d9.flashtalking.com — Cisco Umbrella Rank: 1842 secure.flashtalking.com — Cisco Umbrella Rank: 2874	187 KB
11	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 tps.doubleverify.com — Cisco Umbrella Rank: 505 tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 15385	234 KB
11	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 38270 go.trvdp.com — Cisco Umbrella Rank: 34674 s.trvdp.com — Cisco Umbrella Rank: 30609 p.trvdp.com — Cisco Umbrella Rank: 25583	147 KB
11	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	96 KB
9	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84860 16aaa93f-db19-42f2-9a72-2b9804af13a1.t.ssp.hinet.net	9 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	5 KB
8	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	3 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	97 KB
6	criteo.com gum.criteo.com — Cisco Umbrella Rank: 424 bidder.criteo.com — Cisco Umbrella Rank: 776	13 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 116978 storage.reurl.cc — Cisco Umbrella Rank: 432247	6 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	369 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	229 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	2 KB
4	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27502	17 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	57 KB
3	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1450 gdn.socdm.com — Cisco Umbrella Rank: 105634	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1010	523 B
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 846 sync1.intentiq.com — Cisco Umbrella Rank: 2869	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	1 KB
2	lndata.com cm.lndata.com — Cisco Umbrella Rank: 161265	940 B
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	13 KB
2	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133 prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644	2 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	515 B
2	re-news.tw storage.re-news.tw asset.re-news.tw	435 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	110 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	280 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	647 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 836	493 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	449 B
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1398	558 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	514 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	17 KB
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 28404	514 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	712 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	25 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	63 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 27242	591 B
1	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 92120	2 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	526 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	alphaloan.co blog.alphaloan.co	181 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3858	107 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5797	248 KB
1	rayskyinvest.com www.rayskyinvest.com	612 KB
1	creditcards.com.tw creditcards.com.tw	49 KB
1	racingcharger.tw img.racingcharger.tw	307 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 534895	18 KB
1	gbyhn.com.tw img.gbyhn.com.tw	76 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	92 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20760	42 KB
394	67

	Domain	Requested by
57	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
30	video-itm1-1.xx.fbcdn.net	static.xx.fbcdn.net
24	pagead2.googlesyndication.com	124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com reurl.cc securepubads.g.doubleclick.net a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com imasdk.googleapis.com www.google.com
21	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
18	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net google-bidout-d.openx.net a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com reurl.cc
18	tpc.googlesyndication.com	reurl.cc 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
16	securepubads.g.doubleclick.net	1 redirects reurl.cc securepubads.g.doubleclick.net www.googletagservices.com
14	pixel.rubiconproject.com	9 redirects reurl.cc
12	ad2.apx.appier.net	6 redirects reurl.cc
11	www.facebook.com	reurl.cc static.xx.fbcdn.net connect.facebook.net
8	p.trvdp.com	reurl.cc
8	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
8	scontent-itm1-1.xx.fbcdn.net	www.facebook.com reurl.cc
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	gocm.c.appier.net	6 redirects
6	ad.holmesmind.com	cdn.holmesmind.com reurl.cc
6	cdn.doubleverify.com	124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com cdn.doubleverify.com reurl.cc cdn.flashtalking.com
5	s.amazon-adsystem.com	2 redirects reurl.cc
5	cdn.flashtalking.com	servedby.flashtalking.com cdn.flashtalking.com 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com reurl.cc
5	ad.doubleclick.net	4 redirects 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
5	connect.facebook.net	storage.reurl.cc connect.facebook.net fcm2.holmesmind.com cdn.holmesmind.com
5	storage.reurl.cc	reurl.cc
4	c.holmesmind.com	2 redirects cdn.holmesmind.com
4	stg.truvidplayer.com	go.trvdp.com s.trvdp.com reurl.cc
4	match.adsrvr.org	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	gum.criteo.com	static.criteo.net gum.criteo.com
4	www.google.com	1 redirects reurl.cc tpc.googlesyndication.com
4	static.criteo.net	securepubads.g.doubleclick.net cdn.holmesmind.com reurl.cc
3	aax-eu.amazon-adsystem.com	2 redirects reurl.cc
3	d9.flashtalking.com	cdn.flashtalking.com d9.flashtalking.com 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
3	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com reurl.cc pagead2.googlesyndication.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
3	www.google-analytics.com	storage.reurl.cc www.google-analytics.com reurl.cc
2	csi.gstatic.com	imasdk.googleapis.com
2	tpsc-ae1.doubleverify.com	cdn.doubleverify.com
2	ups.analytics.yahoo.com	2 redirects
2	capi.connatix.com	1 redirects reurl.cc
2	match.prod.bidr.io	2 redirects
2	adservice.google.com	reurl.cc
2	www.googleadservices.com	a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
2	ads.stickyadstv.com	1 redirects reurl.cc
2	eus.rubiconproject.com	s.trvdp.com eus.rubiconproject.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	imasdk.googleapis.com	s.trvdp.com imasdk.googleapis.com
2	a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	secure.flashtalking.com	124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
2	tps.doubleverify.com	cdn.doubleverify.com
2	servedby.flashtalking.com	124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
2	bidder.criteo.com	static.criteo.net
2	external-itm1-1.xx.fbcdn.net	reurl.cc
2	m.holmesmind.com	cdn.holmesmind.com
2	cm.lndata.com	cdn.holmesmind.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	tg.socdm.com	2 redirects
2	us-u.openx.net	google-bidout-d.openx.net
2	oajs.openx.net	1 redirects reurl.cc
2	124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.co.jp	reurl.cc
2	analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	cdn.jsdelivr.net	reurl.cc
1	match.sharethrough.com	reurl.cc
1	hb.yahoo.net	reurl.cc
1	sync.ipredictive.com	1 redirects
1	prebid.a-mo.net	reurl.cc
1	sync1.intentiq.com	reurl.cc
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	px.ads.linkedin.com	reurl.cc
1	pixel-us-east.rubiconproject.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	secure-assets.rubiconproject.com	1 redirects
1	ds.uncn.jp	1 redirects
1	gdn.socdm.com	a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
1	www.gstatic.com	a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	cdn.flashtalking.com
1	code.createjs.com	cdn.flashtalking.com
1	16aaa93f-db19-42f2-9a72-2b9804af13a1.t.ssp.hinet.net	cdn.holmesmind.com
1	rt.ad-score.com	s.trvdp.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	prebid.scupio.com	cdn.holmesmind.com
1	prebid-asia.creativecdn.com	cdn.holmesmind.com
1	s.trvdp.com	go.trvdp.com
1	fcm2.holmesmind.com	cdn.holmesmind.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	s-cs.send.microad.jp	1 redirects
1	go.trvdp.com	cnt.trvdp.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	blog.alphaloan.co	reurl.cc
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	asset.re-news.tw	reurl.cc
1	storage.re-news.tw	storage.reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
1	reurl.cc
394	116

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-10-14` - `2024-01-12`	3 months	crt.sh
anymind360.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-17` - `2023-12-16`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
asset.re-news.tw GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.prnasia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-24`	a year	crt.sh
img.racingcharger.tw cPanel, Inc. Certification Authority	`2023-10-22` - `2024-01-20`	3 months	crt.sh
tls.automattic.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-03` - `2024-01-30`	6 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 258C830345A5BF443E0F219BD1B49494
Requests: 65 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: AC2C95957B8398D57C173883703C6413
Requests: 40 HTTP requests in this frame

Frame: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA803C9811D1A8393EA7176C248F1CEF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL25jIaLQ2k4uZH9mFC8VQux75QKcE4iZAcVW16rhzjrh4uh8g0nbrDHyelUiya6xHfvUXodpyWlxnZVSf5GmAGeLMw48XBDUuR4wcedwTlGQ1VZ_5gZYhMmQSxpS5yLvQDMFka7W0fSnFM-3EV4LRi5kCLHtsjeZCB8yuQQ8xfYMM1HYqTzfFRTDwPwT2ddYAZ3B5hcG8tSuSAAX50A5aXnY9ByZXAvuGyJ4MyXcNMDcb64cWJIfhUUPNvOfQ7lfL8y0mdN_HiA2egmyPt1IKYBssQrkILpokUfXvEC30vM0jYQunLMcEjCcJ9CyHsqbC5hdmT4u2RTsvZxbIJXcvQNDeRC8-67t9HoQAYTpjwB1B9heMHDCzorA&sai=AMfl-YTOjgl1GbaLkG8CBFuMSZQP_OtIYD6kr6ehzpCGTQExD-2NURqV6ju1vcAwMKtPqevX-qmMvHtVg924iIaQnDMnaxxkZ6qilZMgAGdES5NUurSQJsh-x2xlN7GOq3u-v_Be_D5i5hXTyrdPaYwA2K1ZTtyPrYkXGO1ekA&sig=Cg0ArKJSzMM9EMv5hx8pEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5129B2896E7CF7B4BE053ECC24FBA785
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 3F585E53BD0BF00A24D68C55B037D4D8
Requests: 2 HTTP requests in this frame

Frame: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE221F0E86E84D0283FAC286579197D7
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: E94C255507190E73D39B0A1565B3FDE9
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW3-ikgXXJyEJfi_Av67_RBavKUaOZoV6oDGNyvEte6DhqEE1wu5T4qeWeabYC7PlnqnG0NHhKpzRyk0BOOKXAOmDG4sBmRJQrUELlT3fQyuMSdc726aSA9Vt1MP_gVBHZDDX_hI17GtQPUuOzS3HzZsVd_lqAiQlojFmMxfuoCtxiwCTDi9EcadvWwaOR0v5yHUc16TTPJ3tqqNfOVyMB8nARCtRx3eECwdhT6CIsr6sypyt-hYw6EYdAvUwDQKfs_Uk4ivn-UYFKCMIvMb73BL5gHUIVvMFGVeBvdbUr_j0J6jR4-xhbBt-CWrjo0eXFbMvQ5DJwMgKoJmcSbM00jVbP9KvZGBjEEy582-ShBOn13Xj_8QZQg7VWsxVZ&sai=AMfl-YRWfKHI9lRJThzzfiWmqBscTFU1ZQjTeSc0FA7n8-chLhQZqSmdqmwDJoJ7FKuPuurfT2pqXm8IZFPICvVhOG7bxITihd9qP10oAxcOqDe8DYfno89KlfARDY9CeqvoheIGjwhGrZWSeHsOakxEUhvqZgwoiPXPRA9c-Q&sig=Cg0ArKJSzEjPbc5y2QvpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D5C863EBB1449535A1213348A85AAB11
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvwjEoay2KOFiderVndt1Ylvbha9jp0Aa6eybLIh5xPsY8dgCtmF5kTmi12fZDoMlcFroj-pbH0p6J6LX5OGFkjjqS84SOZdOsgNM-ZgWoXyS5aMFfnJhA3DoozmF1R72K7ce7L8Ar80OzwQOChFe4v4yE5U3xSND352ZfG0a_EIPRUlJsRIpZY7eCLiXQks_zVyXx5RjQvgQsmpwPuGnys_Snvr4gglNgoiIgPfoUvZmi-pXp9UGQSLECwXfL0tP2iP3-kplni0F_DESoRfQ8hEvCBiTjC9aZrb5p-bVBYnzaHoJMkl8LIFhYR4TdMkKcuCV_Svguevhj5CFBk-FVXQdiKvfBQCktZ5FXp-8KBQR-0MM2sTDqFJrVJY1Z&sai=AMfl-YSAxCXiHmaOlN7g26lhtE65eMIcwC2hy-_MZznpjCYA9PlxQ1UiHrBYnUHmZ6eHufOVSzm0glxP8DXEgFktaDvaADtpgnMp6IeZnjmvHJgR3Mn9cglpCp6gkJ4ubMxscg0BrFazBzdtuTeJ8OluHnnTtlneTP4OzEy4oA&sig=Cg0ArKJSzElHoqIGZgOfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C7F9FE73C2E8864C712B17F8DA2135CF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNV1akUUUkioIYDcZk6C_0uR-AbwTNq5Ij1FeynUSdaOA7hQPFTtR0R231LWlJcGiocikiRH_AuJeMf-jG3Y5qZtgGLoDA
Frame ID: 76D6193C1D501B95E8988986EC4280EF
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B798914200D44B79B3862F02FDA4F27F
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 4F9C34FF589EA2D330AEC6DABB896E8B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: D8A533ED51D60A0FADD63D299A9631A7
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 21BBB3437DE618B68387D0848B8880D4
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: F8CCE15B0F41BBF6BE3BF9E6D41D2B62
Requests: 13 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: D2453E272C9E081D0A04268E131A5CE3
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 15413D506445BBB4B8E893554FC2D8B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2F4902C68151E9DEDA20EEEECD882EB6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: B8B87D393E7115292DE52869B9EBC074
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/23000/609a296ec62f194de981d39962985aa6.jpg
Frame ID: 7DF63BB5FE00F5657E82C3CFD6824EDB
Requests: 5 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/116351/4476205/index.html
Frame ID: 875F6E488C00D84F36F3094606679B0C
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: AA7AF0F15C7B459DE7A3BFEF165DA05D
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: 8EBA153BAF148EBA6922212D0D0687AC
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Frame ID: 2F1A3E4EE29E1448A21DE323D288CF5E
Requests: 69 HTTP requests in this frame

Frame: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 84B0E7E9CE19AB2F9FE36203A2661A7F
Requests: 1 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=c&geo=JP&timestamp=1702116747&level=1
Frame ID: FB4CF81B339DA6B0D823E4D03D40C1A3
Requests: 1 HTTP requests in this frame

Frame: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 48174A08E35E78A96909BEF1C6ACC20A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D67306A9F64BE4FCF1B35EB398B27C95
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78336494D4685792829FCF82CE2B4A1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00C9B9F6D9D1B7EA66A5C688DA6B3BCA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: D1650683DF82A0D2DD2361E3CBDDEEDB
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Frame ID: 7A960DFD77A8A62A80E460F34B42ADE4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 47A1F0024ADFA618B6E0C857E5747CAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 7C66933928F4BD00E8E8106287DF1BB9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 6F4893BD755994A200FC3C14146898D6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E02871ECDC69DBB45CFC2EA05D26E506
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA7068E74A6B6DF9085C141735DBE94C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

394
Requests

88 %
HTTPS

0 %
IPv6

67
Domains

116
Subdomains

90
IPs

6
Countries

8223 kB
Transfer

21924 kB
Size

89
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/155

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/53187

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4288952_XG88952_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/45287

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/604

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/111057

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/6529021929c8b98fa9eb5390

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/21512

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://www.comptw.com/
Title: 台灣公司查詢網

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

Request Chain 102

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ9iNx9vzgpChm6luESQQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1

Request Chain 106

https://match.adsrvr.org/track/cmf/openx?oxid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=20eac2e6-e637-402c-857d-30de4caf371f&ttd_puid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0&gdpr_consent=

Request Chain 107

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9icCo5sAAAN-pZaUAAAAA

Request Chain 108

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZRGvO8IzMgHks8AEDqSZJQvhs8AAAGMThBgGA

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHirgmqSeM4AU2D_GV_Eos&google_cver=1

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1

Request Chain 146

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1

Request Chain 174

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=IVwhxpC-Aruy4MeEiT10ZQ

Request Chain 175

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Iy3fz7gJCZqXRFoaiT10ZQ

Request Chain 176

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=CK50KXV9DzKc4xaOiT10ZQ

Request Chain 177

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=8IHgWBdACiCJIvPLiT10ZQ

Request Chain 178

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=q2jE0XZ_B72Bjtl6iT10ZQ

Request Chain 180

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=RGx8mb12BRyLvzL_iT10ZQ

Request Chain 275

https://um.simpli.fi/gp_match?google_gid=CAESEHUbXWEcdQYqE_mDsNaFrJI&google_cver=1&google_push=AXcoOmTOcazGBxviS72fvwa4muCt3G6YhGattD5eI91qeLwLd1nWOw2F2X6qmvJXjVvxHRTP7J1RjY3R6F_I5wQpgGG_2rtoTNXI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DA1FA6630AC4537ACAE3051E7A22EF4&google_push=AXcoOmTOcazGBxviS72fvwa4muCt3G6YhGattD5eI91qeLwLd1nWOw2F2X6qmvJXjVvxHRTP7J1RjY3R6F_I5wQpgGG_2rtoTNXI

Request Chain 276

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEd6u2XYitXjgS8vQb2gvGA&google_cver=1&google_push=AXcoOmR68v5D0Q1KE2MoQjOgAwXIGaqLwfeqpCndi5qg6pma7vkUaC1ctmw5KFQyuLOQ7JNxP4kmRMk7er2G8lyHFIeT9O4UYI8NoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBlYWMyZTYtZTYzNy00MDJjLTg1N2QtMzBkZTRjYWYzNzFm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20eac2e6-e637-402c-857d-30de4caf371f

Request Chain 277

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1&google_push=AXcoOmSf-tAwf3E2uP9QBVglX9d98d-rrbBSdjAh5NLbpdh3JA7ZsW5sfabljdulu8VONG3qO5Dnk9fOJ6RtwkMoHl8GtF8CSDx63g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlhROWk4Q281c0FBQU4tcFpjZ0FBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1

Request Chain 278

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMUNcPKcPE-KnML9J2YPFos&google_cver=1&google_push=AXcoOmRcPByMVGIZOQe3b9RSfTovfaqFEn4uO7sGZ9UKKxFTwHN-s-PQFP3hudv-l7JzSdGv70P1W5KuqXon-w5GXIPYrkAEXajpyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcPByMVGIZOQe3b9RSfTovfaqFEn4uO7sGZ9UKKxFTwHN-s-PQFP3hudv-l7JzSdGv70P1W5KuqXon-w5GXIPYrkAEXajpyQ&google_hm=eS1hRXB2TGtWRTJwRUp1amgwZmh5RWhReGlibS4yb0dJQn5B

Request Chain 279

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFU-e7fsQcEkT3z4X_yCLyA&google_cver=1&google_push=AXcoOmTkEIXfL9LScv91tqaXk5Y4vwD4QaP3v3loZnHxCiKrlzQtPnIkqsaUsQTHosvSZ-bR375WvXSO3dS3wrFLoG4JPIwwkacAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0NFItMjEtNlRTWQ==&google_push=AXcoOmTkEIXfL9LScv91tqaXk5Y4vwD4QaP3v3loZnHxCiKrlzQtPnIkqsaUsQTHosvSZ-bR375WvXSO3dS3wrFLoG4JPIwwkacAAA

Request Chain 280

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELJHB5KfCYelWIAvWwxGOwY&google_cver=1&google_push=AXcoOmROYDv2tk8LbiDzAMSJeLfnk0YYa2DAhUCf1rnRbb1KqNzN7h3Ws2IH2AMQJ9CGm38dnV5HkDWcJHSN5Taf5mYmu_UHc9iMsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmROYDv2tk8LbiDzAMSJeLfnk0YYa2DAhUCf1rnRbb1KqNzN7h3Ws2IH2AMQJ9CGm38dnV5HkDWcJHSN5Taf5mYmu_UHc9iMsQ&google_hm=AexUNF0XHE1uoSV_RhTRrIM

Request Chain 286

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 288

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7bcb19aa43bddf05bc0bad6ad541f82&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 303

https://securepubads.g.doubleclick.net/pagead/adview?ai=C3-8lij10ZaaNKeKY29gPmemrmASSgKzadJn4yvWzEWQQASDSzIEaYImL24TIFKAByIadpAPIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsQJP0JhNPqAqGbKcKQMkoiluLNaVBIrchoSeJ73XB1rEV24Ql7GTehAWtvNV63GtTVho-o7fp7V4MQtD5zf-MpnuZ29wTm-SS1X2B7lqjQKrHlp7UhdfVopLyZgk3x9Z4zasrx-Q91O9fLQt2GzfUXh8f_Fu7FeoY-YwX20tousZP9PDSwANdWSTyEPJyhd1s-E-MKXPaQquL-dzY_ua4MY9Sh_5stcle_UQ9S9qfmZY7LGMXPM5QzeSR7aSs-Rah5n9GR8-XT4B6gzFFGs7re4J_VMnL_Jz9P0erUf2eLLqUAerh5TuHYKs1GJbVcn43dzCmSRBDo6XQIC6atuIa1IPcIMUjjEX6Z9c4SFY7gd5QT0uaV3BD6OD_QNRm10L0kSS1Fub4ha2Bm8jxk-Z4rDGmMAEidH5kqYE4AQBiAXL_cuHS5IFBAgEGAGSBQQIBRgEoAYugAeg-eJbqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQn4AD0ggdCIBhEAEYHTICigI6AoBASL39wTpYmrqzgI-CgwOaCSxodHRwczovL3d3dy5waXp6YWh1dC5qcC90b3BpYy9odXRkYXkvdGFrZW91dIAKA8gLAZgMrN_KhrIEogwQKg4KDOS0sQLutbECtbixAtoMEQoLEPDardnljpXotQESAgED4g0TCJPns4CPgoMDFWLMFgUdmfQKQ7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=XMvwHYMnDrY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNH_BVnxl2p8wuMQg6D4I4Y11XVH414WEAmsuPrYiAgCqO3I0tMDtUU-OfUrUnZcdl343blHvYGAE&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7dc10bcfbf397ce10000000000000000%22,%222%22:%220x9465210d30641e000000000000000000%22,%223%22:%220xc363cca6bce1a80e0000000000000000%22,%224%22:%220xb04470f6d2b814b50000000000000000%22,%225%22:%220xfd72e5f09eeed1e80000000000000000%22},%22debug_key%22:%2217755392585254900515%22,%22debug_reporting%22:true,%22destination%22:%22https://pizzahut.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22881279816%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22582647946980985857%22}&andc=true

Request Chain 332

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LPXWD4NE-1U-KWIN HTTP 302
https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPXWD4NE-1U-KWIN

Request Chain 334

https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1

Request Chain 335

https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 337

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKJvh-T96Zcl0b9-jf2YkvA&google_cver=1

Request Chain 338

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/9YEyWYxRdxI6eBwRVcnTJcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kCTCdElE2oJAP97KqMTP6KM.LKXczyaBUxtZHg--~A

Request Chain 339

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=h2CFfWxwSRWZxriUAksGqw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=h2CFfWxwSRWZxriUAksGqw

Request Chain 340

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPXWD4NE-1U-KWIN

Request Chain 341

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBYV0Q0TkUtMVUtS1dJTg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFU-e7fsQcEkT3z4X_yCLyA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0TkUtMVUtS1dJTg==&google_push=

Request Chain 342

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5auOixNiRtqrcPf5O92aQQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5auOixNiRtqrcPf5O92aQQ

Request Chain 343

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20eac2e6-e637-402c-857d-30de4caf371f&gdpr=0&gdpr_consent=&expires=30

Request Chain 344

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2ZWJkNzdkZWZjNDRkYjQ2ZDAzNTUxMGUyNmJmYmZjM2IyNThhMA

Request Chain 345

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPXWD4NE-1U-KWIN&ex=d-rubiconproject.com&status=ok

Request Chain 346

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB0A07K6HsAABPX7Xkm1g&expires=30

Request Chain 347

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPXWD4NE-1U-KWIN HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPXWD4NE-1U-KWIN HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPXWD4NE-1U-KWIN&ckls=true&ci=SLvU4qHrvJ&nc=false&trid=-1033850490

Request Chain 348

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LPXWD4NE-1U-KWIN&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LPXWD4NE-1U-KWIN&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 349

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LPXWD4NE-1U-KWIN

Request Chain 350

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3766f758-cd66-4777-9d13-f1781d8da9bb&expires=30

Request Chain 351

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPXWD4NE-1U-KWIN&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPXWD4NE-1U-KWIN&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1jRFRFOFFwRTJ1R3d5a3VzMXAyMjFpeW5DTlV1X1dLX35B&ovsid=LPXWD4NE-1U-KWIN&dpid=58160

Request Chain 352

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPXWD4NE-1U-KWIN

394 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gaOWLp Show response
reurl.cc/ 10 KB
3 KB 235ms
112ms Document
text/html 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3fc5eee39e17db2effb093b1b3cce726bc9bbe579dccf463cb3866d009e4a997

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 10:12:22 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
target: https://cla2.cn/SpY
vary: Accept-Encoding Origin
x-request-id: 3c122594-be30-4e66-b4e3-1d0e789149c0

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
26 KB 402ms
33ms Stylesheet
text/css 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12733282
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-eddf8230028-FRA, cache-itm18847-ITM
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 98ms
40ms Stylesheet
text/css 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:11:01 GMT
content-encoding: gzip
via: 1.1 google
age: 25281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-request-id: bd99a160-99e2-443d-b49a-306d513aa7c4
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 177 KB
42 KB 106ms
33ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 03:01:24 GMT
date: Sat, 09 Dec 2023 10:12:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 25858
x-guploader-uploadid: ABPtcPoxd1RgEOeo5xsIJpJmu0fJmdJE_LTf2lvIXeMpWqn0MTsniZIpNdOEUcnhpJFT4gLpVUM
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42279
x-served-by: cache-tyo11954-TYO, cache-itm18850-ITM
last-modified: Mon, 20 Nov 2023 09:15:25 GMT
server: UploadServer
x-timer: S1702116742.337912,VS0,VE0
etag: "dc1bad45759bbb89536459f2c34eaa21"
vary: Accept-Encoding
x-goog-generation: 1700471725490318
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=3IRkSQ==, md5=3ButRXWbu4lTZFnyw06qIQ==
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 42279
accept-ranges: bytes
x-cache-hits: 140, 2

GET
H2 200 pixel.js Show response
storage.reurl.cc/javascripts/ 429 B
524 B 35ms
35ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:55:47 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 11795
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-request-id: 5489c628-f131-4d3c-9ebe-f91ce0a157bc

GET
H2 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
631 B 31ms
30ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:59:52 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 18750
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 536
x-request-id: 1648eaf7-8935-4a30-8784-a28349fa071b

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 613ms
170ms Script
application/javascript 172.217.175.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8448d16c4463c05f338c8d4d8c64a33114ead268154ff97db182109bfe5169f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 10:12:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 609ms
186ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d71475b44d619ac3cb38c8c61807e497b11ea110d0fbfe007a814b2faa88e4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30279
x-xss-protection: 0
server: cafe
etag: 884 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:23 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
85 KB 402ms
33ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options: nosniff
age: 25062352
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86452
x-served-by: cache-fra-eddf8230020-FRA, cache-itm18847-ITM
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
506 B 98ms
41ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:33:18 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 23944
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-request-id: 3c4b56a1-2eba-4d9e-864f-685c7147fb8a

GET
H2 200 loading.js Show response
storage.reurl.cc/javascripts/ 134 B
256 B 98ms
41ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:06:14 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 3968
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-request-id: 16c0bd55-2cf7-4250-acee-aa5b3ee8b232

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame AC2C 95 KB
26 KB 727ms
336ms Document
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

7caaa59a06e6bd6721beace66036489ee809f7e4c871ff48487bbee5a79dfd65

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: +vJijEwWg4R4LJAp+y/kXV/ca8WYKsxcKqAay+COBaDLUA0hO7S0O+bWuCOGvara8Gq/Dw/DI2ziNahqrr5uRw==
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 137ms
79ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 280555e90833f74ed9c01266459f9e2154a47b4e69e8461e8ab16ad26dc2eb05

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1cb0-4Zcx80RnVJ+6inVfxQuGoybh2h4"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7344

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 502ms
116ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 10:12:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vNAqaxwo4KV/Lin+GsvfxZnzecmoKY8N1cM9neGGJh57GGybXnbOcr+OqrjIIN6adVWk9dct65jwGLCXpsi+AA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 545ms
56ms Script
text/javascript 142.251.42.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 08:51:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4844
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 10:51:39 GMT

GET
H2 200 mocpogo_01.jpg
asset.re-news.tw/images/ 427 KB
428 KB 105ms
44ms Image
image/jpeg 34.117.23.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.23.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:39:51 GMT
via: 1.1 google
age: 1951
x-guploader-uploadid: ABPtcPpDaFbOi5-vsssfNtTR-4sNR36NQWIXt86cN0uWSe2CYKExjSUD3D3rwKNAA5KgqngyY9JQNnQIkxofu2UO3bGB8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437364
last-modified: Wed, 18 Oct 2023 12:58:27 GMT
server: UploadServer
etag: "2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation: 1697633907721269
x-goog-hash: crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type: image/jpeg
cache-control: public,max-age=3600
x-goog-stored-content-length: 437364
accept-ranges: bytes

GET
H2 200 1701901342-a3fa804e4bd060918c5127ca4ee031ce-840x525.jpg
img.gbyhn.com.tw/2023/12/ 75 KB
76 KB 474ms
67ms Image
image/jpeg 104.21.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/12/1701901342-a3fa804e4bd060918c5127ca4ee031ce-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.96.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0210061ed0a4abc0263a7736faa5eb43cb8126bf3a350a89c49eee5a9db28147

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15109
alt-svc: h3=":443"; ma=86400
content-length: 76838
last-modified: Wed, 06 Dec 2023 22:22:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuqZOX9QA4ukj3QPX2u%2FpvkUXHmsfRhXRiKeUHp8MmqguPBK0wT5KYv1zb1jHARCrGPKxnENDBFSOh9DVaZFF65JWuVPEPtUgDWpHUBu82ydTDfrp0EXJxY7b8Zo2k6k7ceG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 832c782d7c3a19ec-KIX
expires: Wed, 13 Dec 2023 22:26:28 GMT

GET
H2 200 ESR_Logo_Logo.jpg
mma.prnasia.com/media2/1876479/ 18 KB
18 KB 471ms
69ms Image
image/jpeg 104.17.239.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1876479/ESR_Logo_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.239.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
cf-cache-status: HIT
age: 74871
x-powered-by: ASP.NET
server-timing: intid;desc=7a826199badcc51b
content-length: 18053
cf-bgj: h2pri
last-modified: Fri, 08 Dec 2023 13:23:22 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 832c782d5ed48326-KIX
access-control-allow-headers: Content-Type
expires: Fri, 08 Dec 2023 13:23:23 GMT

GET
H2 200 2023120802095359.jpg
img.racingcharger.tw/wp-content/uploads/ 307 KB
307 KB 344ms
219ms Image
image/jpeg 61.216.47.122
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023120802095359.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-216-47-122.hinet-ip.hinet.net
Software: Apache /
Resource Hash: 9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
last-modified: Fri, 08 Dec 2023 02:09:57 GMT
server: Apache
accept-ranges: bytes
content-length: 314534
content-type: image/jpeg

GET
H2 200 2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/01/ 49 KB
49 KB 254ms
178ms Image
image/webp 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/01/2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.nrt _atomic_bur BYPASS
content-length: 50242
x-nc: HIT bur 4
last-modified: Thu, 30 Nov 2023 05:13:28 GMT
server: nginx
etag: "fe1c2850a81cccd5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sat, 29 Nov 2025 17:13:28 GMT

GET
H2 200 %E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 612 KB
612 KB 183ms
52ms Image
image/png 34.149.120.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.149.120.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.120.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 09 Dec 2023 10:12:23 GMT
expires: Sun, 08 Dec 2024 10:03:55 GMT
last-modified: Sat, 02 Dec 2023 07:13:09 GMT
server: nginx
etag: "656ad905-98e3b"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 626235
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 248 KB
248 KB 506ms
104ms Image
image/png 13.33.174.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-24.nrt57.r.cloudfront.net
Software: openresty/1.21.4.1 /
Resource Hash: 0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-seen-by: image-manipulator-7c76496fbd-bz6ff
date: Fri, 13 Oct 2023 11:18:20 GMT
via: 1.1 google, 1.1 1ea6da116083fc60c507da0ebeef580e.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: NRT57-C2
age: 4920843
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rHJg_MvJa9DBA8ct74RmQYmTszrgw0TARm6wKOjsaZTdSIKFvW3QHg==
content-length: 253615
wix-tracer: 2WhrxaKwv8p2lJNwgKmnBT7r70v

GET
H2 200 2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 107 KB
107 KB 135ms
64ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109448
x-nc: HIT nrt 8
last-modified: Fri, 13 Oct 2023 09:02:46 GMT
server: nginx
etag: "ab5b506272fb167b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires: Sun, 12 Oct 2025 21:02:46 GMT

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 340ms
270ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
strict-transport-security: max-age=31536000
x-ac: 3.nrt _atomic_bur BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Sat, 16 Dec 2023 10:12:23 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 126 KB
33 KB 42ms
41ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 10:12:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33827
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: g1a3aNDy0gEhJ45GX/elJXNM6sMKZfAxo3nc5zw+VYqhQHA/rZ9aGYF4xVzFemWSr/coznQ8CZmOXqAazpS9Ug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 222ms
217ms XHR
text/plain 142.251.42.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=932464576&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=597643067&gjid=1694449889&cid=1347942568.1702116743&tid=UA-102456694-1&_gid=132815240.1702116743&_r=1&_slc=1&z=106314858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 116ms
115ms Image
image/gif 142.251.42.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=932464576&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTI2Ljg1LjIxNS4xMjY&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1347942568.1702116743&tid=UA-102456694-1&_gid=132815240.1702116743&z=1196776320

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 15:56:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65724
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame AC2C 20 KB
6 KB 490ms
59ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QZ/F21WCMvVioyUwMJMxZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5281
reporting-endpoints
x-fb-debug: UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:50:30 GMT

GET
H2 200 V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame AC2C 33 KB
7 KB 491ms
60ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mEms5HNO4RW/YAm2lY0J/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6478
reporting-endpoints
x-fb-debug: l5RQhyVd8URxzkkmUrIhL+M56zEKkSZ0id7WmGRMbRXrJTsAJE2/YNv19SA89mg3EZ6VqCHNVElAs6c/IMAp4w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 23:18:01 GMT

GET
H2 200 L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame AC2C 21 KB
5 KB 714ms
284ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YxGy9ULmNYpse9KBe8qMZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4833
reporting-endpoints
x-fb-debug: I66HsIkWfOkwt07ooyILB/GF/RU9PwOE/2DexBYG5YttEsjc5oQyZesfSpaeAkSXOr5KtuUamni0TN5WaozTjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 16:55:50 GMT

GET
H2 200 JS2LsxE-gw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame AC2C 354 KB
92 KB 714ms
284ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Veg+9swSo/ybchlTfP+avA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93749
reporting-endpoints
x-fb-debug: GILntJGFlzWPcAkfpFiCETadOEgFC7qAmnMiwNYjd8KEFZ+OV7kRr8nHL5UYo17PGD7yFZBQnrEzltxNivpk1A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:11:38 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame AC2C 94 KB
27 KB 714ms
283ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: 7pUWswxC/faPP6SIN2aiiUUQxamcHXWruFIDOdfiMWgW0/j0h6/LCupP9FtI6bfMa5FkmOrXN8xj48mgaXNtRw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:33 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame AC2C 7 KB
2 KB 657ms
227ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: 5ktdl38nnKDsn9IiNqlPm0x/hIIGePfp/hs1vcHneiFjH81tgrSqVPa/w2GHGbsT/H6Qts+4gMFfcyNsRe9n8g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:21:08 GMT

GET
H2 200 5iH8lLqlxlJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame AC2C 52 KB
17 KB 490ms
60ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/5iH8lLqlxlJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

c5d4bd00c93f687b2f1c47656a5dcee22ff87ae4dc205dd7d982d1082532cc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /PUjyDQo/qxByU6XD7sEBw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16835
reporting-endpoints
x-fb-debug: kuRPdnTZE0wgqAu7Ya6Wfh9LejdZSfR8jUCaseZyksrDkcNAxvk8ZuU20BCDH1aURo57GRcUyFXp1As6HkPh3g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 00:37:41 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame AC2C 507 B
487 B 490ms
60ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:53:20 GMT

GET
H2 200 kUrCp987F5r.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/ Frame AC2C 28 KB
8 KB 490ms
60ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/kUrCp987F5r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cO3XBqtxUlL4qpnQkU3adQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7937
reporting-endpoints
x-fb-debug: O88ACbMuCfMc6vwIvp1vSyiiF7D2DTMV1/VJ9hFlOEVXQtYKEkijANavF+nfKT9SgZKdf8lSUO0HX4CqekzYDg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:00:29 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame AC2C 71 KB
20 KB 714ms
284ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: phAMyoOpvbhoet00DvMWkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20298
reporting-endpoints
x-fb-debug: V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:19:01 GMT

GET
H2 200 a5lyNsAxenJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/ Frame AC2C 348 KB
82 KB 714ms
284ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/a5lyNsAxenJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0Ycn4CdUMcQu52zpN8q4Lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83382
reporting-endpoints
x-fb-debug: xJ/0uPuH6eBroeGEwsJMwDzR2bFakJbrQgevVXnsOqi8dyyQ6hakXyc4vsayO2GrruWlKrKliDayIVG74Nocew==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:00:41 GMT

GET
H2 200 TioQWlTZ3BG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame AC2C 397 KB
94 KB 656ms
226ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95634
reporting-endpoints
x-fb-debug: oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:24:12 GMT

GET
H2 200 qb2Dj7XLRaI.js Show response
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame AC2C 57 KB
18 KB 656ms
227ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/qb2Dj7XLRaI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4Adm+FXxkwDjHgLJ9sF/4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17829
reporting-endpoints
x-fb-debug: nyW4pDFbyjuixRtKkdd8/1tMamMQWBHb9rOxRUCaNeTPs5odfRh8GKReCYsHmyuNL7tiIBRj3caQCxT6iu7rEQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:14:55 GMT

GET
H2 200 8ymKMCefWgD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame AC2C 209 KB
60 KB 656ms
227ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/8ymKMCefWgD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 30iKdJ7w93p6Ga9jpgjUMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60955
reporting-endpoints
x-fb-debug: q9TXbFzKaCSE8ncbx788ZypFR0zZUoIwUDi49A3p4F8NMBanpwzKYgLF+vUwuwsn/WsxWanzyTdZAA5ktXHbog==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 23:30:26 GMT

GET
H2 200 EjdAug5mQIB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame AC2C 28 KB
7 KB 489ms
61ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QpoZNtNrb1RRm+1fPhnrPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7378
reporting-endpoints
x-fb-debug: k/Yu4P7DehhOc6HhJ1VTs/0YTUCjF/jB7QpDBMr6Apapx3wP3WarngcdrGvViniqPJLfW/5Fb6A3kfRdQZdMtA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 26 Nov 2024 06:33:45 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame AC2C 55 KB
15 KB 712ms
283ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 19:20:18 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 60ms
59ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20499
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 04:30:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 671ms
185ms XHR
text/plain 74.125.23.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1347942568.1702116743&jid=597643067&gjid=1694449889&_gid=132815240.1702116743&_u=IEBAAEAAAAAAACAAI~&z=613876168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.23.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-6/ Frame AC2C 16 KB
17 KB 633ms
128ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=AFqS8Ov4x6EAX8H-bsO&_nc_ht=scontent-itm1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBkvEY3VWubJlSC1t8QNm75Ra9-I84YmLNCljd2YgM-1Q&oe=65798585
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
thrift_fmhk: GBAVr21o7FKkUNKXKsW5IOgfFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/ Frame AC2C 1 KB
1 KB 28ms
28ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX_7GwwB&_nc_ht=scontent-itm1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBGnv9rXynIkPzJ1i5hngiqFnMBSjifSgr4x1AmF-IP_w&oe=65784515
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
thrift_fmhk: GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H2 200 /
www.facebook.com/tr/ 0
106 B 237ms
237ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702116743658&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702116743655.1368025613&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702116743260&coo=false&cs_cc=1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 10:12:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 582ms
85ms Ping
text/plain 142.250.207.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702116742667&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1347942568.1702116743&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702116743&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1918
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.207.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s54-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 326ms
185ms Ping
text/plain 74.125.23.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1347942568.1702116743&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.23.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 594ms
94ms Image
image/gif 142.250.198.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1347942568.1702116743&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=44527433

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 475ms
51ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:12:24 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 317ms
114ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 295811
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 832c78339c7e19ee-KIX
expires: Tue, 12 Dec 2023 10:12:24 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 206ms
74ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 20:01:14 GMT
content-encoding: gzip
age: 2297470
x-guploader-uploadid: ABPtcPoSzlCbIqe7uTy4c_CR7e9hOCsQH_jzpSJHhYdbNSotZQrcN2x15oSvj-bwS3MryE1wLnW8Rzrr_6reYPfYIB2TJL9-_OAm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 11 Nov 2024 20:01:14 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 422ms
294ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 20bf1eb8024329cb4b742009345e04a4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 365ms
162ms Script
text/javascript 18.65.185.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-16.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:44:42 GMT
content-encoding: gzip
via: 1.1 9bc02c0e66fba3c7d773b9367b192e40.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 55663
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: lNx8uQjscAeaog-d4FKJAZ4tkeJMYdkdU4dYMcIKag81eK1Y3rtf3Q==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 148 KB
36 KB 594ms
593ms Fetch
text/plain 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4373668189368071&correlator=45255063420426&eid=31078986&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702116744034&lmt=1702116744&adxs=245%2C1005%2C245%2C625%2C245&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1347942568.1702116743&ga_sid=1702116744&ga_hid=932464576&ga_fc=true&dlt=1702116742242&idt=1760&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

beb8cc4e47427dba597ccd68a8a8bfb4c5093da417388cdd9d2d5703909991e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36580
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,6297900949,6297899953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,138432357881,138432362607
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 421ms
421ms Fetch
text/plain 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4373668189368071&correlator=45255063420426&eid=31078986&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702116744042&lmt=1702116744&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1347942568.1702116743&ga_sid=1702116744&ga_hid=932464576&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY37bB8MQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjftsHwxDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3rbB8MQxSABSAghkEhcKCHJ0YmhvdXNlGN-2wfDEMUgAUgIIZBIUCgVvcGVueBjftsHwxDFIAFICCGQ.&dlt=1702116742242&idt=1760&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a0ec824374c365016ad3c141541d0a80759638893e6e7f5bf0c84dea3e300c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12595
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA80 6 KB
3 KB 561ms
92ms Document
text/html 142.250.196.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:24 GMT
expires: Sun, 08 Dec 2024 10:12:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 506ms
98ms Image
image/gif 172.217.161.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1347942568.1702116743&jid=597643067&_u=IEBAAEAAAAAAACAAI~&z=1645512772

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 270ms
96ms Image
image/gif 142.250.198.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1347942568.1702116743&jid=597643067&_u=IEBAAEAAAAAAACAAI~&z=1645512772

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

85 B
195 B

196ms
196ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8e5ca2793db85ebd0369fcd12cb0de3c3a48f6f992bef1dc7b34c2446a0c49ca

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-X7cGOZPxjuEELIVKeLIDHOd+CyU"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 09 Dec 2023 10:12:24 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
688 B 325ms
116ms XHR
application/json 54.255.159.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.159.219 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-159-219.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c8346ff64e6e0b3f6d47d8a8292a05f4959ff308bdfa41bff7ca30ad12922d2a

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://reurl.cc
cache-control: no-cache
x-server: 10.42.11.234
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame AC2C 573 B
834 B 333ms
32ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:03:22 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame AC2C 90 KB
22 KB 737ms
737ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19700.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010319003&__s=%3A%3Alc9w0s&__hsi=7310535745202948244&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

5369ace1b850cc91bce4b5b4362a17017c7e82d2be16c8ac11d6ad265200292a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 3ZraBRY1QY6C8OMbFxPrHo
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: ubuSk8MZyIfCGB42ipmk/pKOzXOJBaKTn9krTX0TbDHq89lFr40wxBUhP+POlUyC60FrgT+vHGBUp2mOrdT2Xw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame AC2C 62 B
378 B 218ms
217ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

2682d927fc3a8cefb3d09b780b90455ed4f2799b8ed812e2d35f086ee48de9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 3ZraBRY1QY6C8OMbFxPrHo
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: AMS4kF2iYqrqvWamKCcQJLEJRL6EYiIlq+964zW3hHYyUD6cHUEzqJ8OdkzxC2rWbCXm4io1eJdmqzjrluyCYQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame AC2C 1 KB
846 B 377ms
376ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

fd776544bda4f33eb6c090beb6c5ff05ed75e0daf4bc2e5420283774d2be0cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 3ZraBRY1QY6C8OMbFxPrHo
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: NAw6u+y8xGXeGbh561lG1BT3GqPgGQ4TSvgRaAYWxmxjQj+54j8NN5XaxMJHTXDq3di8uxjMfFgThqUGNjNDug==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5129 0
0 77ms
76ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL25jIaLQ2k4uZH9mFC8VQux75QKcE4iZAcVW16rhzjrh4uh8g0nbrDHyelUiya6xHfvUXodpyWlxnZVSf5GmAGeLMw48XBDUuR4wcedwTlGQ1VZ_5gZYhMmQSxpS5yLvQDMFka7W0fSnFM-3EV4LRi5kCLHtsjeZCB8yuQQ8xfYMM1HYqTzfFRTDwPwT2ddYAZ3B5hcG8tSuSAAX50A5aXnY9ByZXAvuGyJ4MyXcNMDcb64cWJIfhUUPNvOfQ7lfL8y0mdN_HiA2egmyPt1IKYBssQrkILpokUfXvEC30vM0jYQunLMcEjCcJ9CyHsqbC5hdmT4u2RTsvZxbIJXcvQNDeRC8-67t9HoQAYTpjwB1B9heMHDCzorA&sai=AMfl-YTOjgl1GbaLkG8CBFuMSZQP_OtIYD6kr6ehzpCGTQExD-2NURqV6ju1vcAwMKtPqevX-qmMvHtVg924iIaQnDMnaxxkZ6qilZMgAGdES5NUurSQJsh-x2xlN7GOq3u-v_Be_D5i5hXTyrdPaYwA2K1ZTtyPrYkXGO1ekA&sig=Cg0ArKJSzMM9EMv5hx8pEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 10:12:24 GMT

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame 5129 535 B
900 B 264ms
49ms Script
application/javascript 18.172.52.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.52.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-52-87.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:28:17 GMT
via: 1.1 65be7de1eb706a63642aebbd553eb59c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 5204648
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: 7SFRJ9KcLKtz8qtBAKIE2JLTS3F4KY_9KhFOLbX4tmZyUpJnRvY7QQ==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5129 202 KB
64 KB 552ms
135ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 b03rUpj3fKJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame AC2C 12 KB
4 KB 39ms
38ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pG8ZphjXUfeB/6xAtn+7sQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3454
reporting-endpoints
x-fb-debug: DRdGtH5o58z6Xkn/N2MFJuS7rGjvEI0Xixz49NLzf9FuXBFtimHQo4N7Fnk9RjGe517xC7vX3A7fxbvNkQyjHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:34 GMT

GET
H2 200 C8LrV2fV5JS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame AC2C 339 KB
73 KB 38ms
38ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uzIAFtOVooYStiVL9khrKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74671
reporting-endpoints
x-fb-debug: WFWC+pJi/TmV7uPVZaD2eVVnDg380PeWbtKUfBbFBf8EkriFhYc+AdkB0M3oaAX9U2hBq0B9WCOnjL5WGPJUBg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:47:54 GMT

GET
H2 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame AC2C 2 KB
1 KB 39ms
39ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 18:22:49 GMT

GET
H2 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame AC2C 12 KB
12 KB 332ms
32ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
reporting-endpoints
x-fb-debug: IelIUaaXgpvYzHdmliRgH8JaNZqmB03FG4wBEViLkwuWwSuPoKD7LEwtRa+4SN2rUE6kKUPJ6IpWIR7IlJE0cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 20:21:49 GMT

GET
H2 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame AC2C 1 KB
1 KB 333ms
32ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 01 Dec 2024 17:51:04 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3F58 15 KB
6 KB 434ms
62ms Document
text/html 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 337976
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 container.html Show response
124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE22 6 KB
3 KB 34ms
33ms Document
text/html 142.250.196.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:24 GMT
expires: Sun, 08 Dec 2024 10:12:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame E94C 196 KB
55 KB 528ms
70ms Script
text/javascript 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:55:11 GMT
age: 152234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:55:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E94C 15 KB
5 KB 527ms
69ms Script
text/javascript 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:42:12 GMT
age: 153013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:42:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E94C 95 KB
29 KB 511ms
53ms Script
text/javascript 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 18:34:10 GMT
age: 56295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 18:34:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E94C 5 KB
3 KB 505ms
47ms Script
text/javascript 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 19:42:08 GMT
age: 225017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Dec 2024 19:42:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E94C 40 KB
13 KB 506ms
48ms Script
text/javascript 142.251.42.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f1.1e100.net

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:58:35 GMT
age: 152030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:58:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E94C 526 B
363 B 544ms
86ms Stylesheet
text/css 142.251.42.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E7%94%BB%E5%83%8F%E3%81%8D%E9%96%8B%E3%83%83%E3%81%BE%E3%81%A6%E3%81%99%E3%82%92%E3%83%AA%E3%81%93%E3%81%97%E3%82%AF

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f10.1e100.net

Software

ESF /

Resource Hash

f269e265a67850c7bb6a48b4b2d6bf4059059eea6e5cd70bc5424d8613cbf528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 10:12:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E94C 5 KB
1 KB 543ms
85ms Stylesheet
text/css 142.251.42.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f10.1e100.net

Software

ESF /

Resource Hash

c62a7a718744861f913b590ec5dbaa4101a1ccdbe54dc9ecd48c6659eccc812c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 08:25:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5C8 0
0 72ms
71ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW3-ikgXXJyEJfi_Av67_RBavKUaOZoV6oDGNyvEte6DhqEE1wu5T4qeWeabYC7PlnqnG0NHhKpzRyk0BOOKXAOmDG4sBmRJQrUELlT3fQyuMSdc726aSA9Vt1MP_gVBHZDDX_hI17GtQPUuOzS3HzZsVd_lqAiQlojFmMxfuoCtxiwCTDi9EcadvWwaOR0v5yHUc16TTPJ3tqqNfOVyMB8nARCtRx3eECwdhT6CIsr6sypyt-hYw6EYdAvUwDQKfs_Uk4ivn-UYFKCMIvMb73BL5gHUIVvMFGVeBvdbUr_j0J6jR4-xhbBt-CWrjo0eXFbMvQ5DJwMgKoJmcSbM00jVbP9KvZGBjEEy582-ShBOn13Xj_8QZQg7VWsxVZ&sai=AMfl-YRWfKHI9lRJThzzfiWmqBscTFU1ZQjTeSc0FA7n8-chLhQZqSmdqmwDJoJ7FKuPuurfT2pqXm8IZFPICvVhOG7bxITihd9qP10oAxcOqDe8DYfno89KlfARDY9CeqvoheIGjwhGrZWSeHsOakxEUhvqZgwoiPXPRA9c-Q&sig=Cg0ArKJSzEjPbc5y2QvpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame D5C8 9 KB
10 KB 500ms
50ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Sat, 09 Dec 2023 10:11:48 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 39
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: DlC27OA5bHzQd79hbMGeQRo_F5v44MdSUrlxILtvu9W2qECcWUso8Q==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5C8 202 KB
64 KB 419ms
175ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C7F9 0
0 77ms
76ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvwjEoay2KOFiderVndt1Ylvbha9jp0Aa6eybLIh5xPsY8dgCtmF5kTmi12fZDoMlcFroj-pbH0p6J6LX5OGFkjjqS84SOZdOsgNM-ZgWoXyS5aMFfnJhA3DoozmF1R72K7ce7L8Ar80OzwQOChFe4v4yE5U3xSND352ZfG0a_EIPRUlJsRIpZY7eCLiXQks_zVyXx5RjQvgQsmpwPuGnys_Snvr4gglNgoiIgPfoUvZmi-pXp9UGQSLECwXfL0tP2iP3-kplni0F_DESoRfQ8hEvCBiTjC9aZrb5p-bVBYnzaHoJMkl8LIFhYR4TdMkKcuCV_Svguevhj5CFBk-FVXQdiKvfBQCktZ5FXp-8KBQR-0MM2sTDqFJrVJY1Z&sai=AMfl-YSAxCXiHmaOlN7g26lhtE65eMIcwC2hy-_MZznpjCYA9PlxQ1UiHrBYnUHmZ6eHufOVSzm0glxP8DXEgFktaDvaADtpgnMp6IeZnjmvHJgR3Mn9cglpCp6gkJ4ubMxscg0BrFazBzdtuTeJ8OluHnnTtlneTP4OzEy4oA&sig=Cg0ArKJSzElHoqIGZgOfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame C7F9 9 KB
10 KB 492ms
51ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Sat, 09 Dec 2023 10:11:48 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 39
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: io-1HQYg2Q69VtHA8bVlyZV1ElSVP-93h0kvKYjgncTkm13m3GP-wg==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7F9 202 KB
64 KB 414ms
178ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 zh_tw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E94C 3 KB
3 KB 508ms
52ms Image
image/png 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw_bl.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:43:05 GMT
x-content-type-options: nosniff
server: cafe
age: 80960
etag: 4870481765684750750
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3412
x-xss-protection: 0
expires: Sat, 09 Dec 2023 11:43:05 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E94C 344 B
474 B 507ms
51ms Image
image/png 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:42:57 GMT
x-content-type-options: nosniff
server: cafe
age: 52168
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Dec 2023 19:42:57 GMT

GET
DATA 200
OK truncated
/ Frame E94C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E94C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56355b58c5b3ae628c21bc20c25063cfee0fdd4d0d041f7a61b77f7d2c30120d

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 76D6 448 B
362 B 73ms
70ms Document
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNV1akUUUkioIYDcZk6C_0uR-AbwTNq5Ij1FeynUSdaOA7hQPFTtR0R231LWlJcGiocikiRH_AuJeMf-jG3Y5qZtgGLoDA

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:24 GMT
expires: Sat, 09 Dec 2023 10:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BE22 89 KB
31 KB 629ms
201ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE22 42 B
401 B 498ms
70ms Image
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaNT2X_W4K5SQIXhaEb-lWowmmdQZk1jJIgP4zpfxUe3WoWP1kRTVpJMNHMFt7E75kB9Rl3DuuivcA6_XFZ1Thu5tfq5CKihgQGfjdMT_-LLq_UoA

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame BE22 2 KB
1 KB 459ms
49ms Script
application/javascript 23.61.252.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iF17KROIk8adFLuW3ESRMM&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Requested by: Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-83.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 10 Dec 2023 10:12:25 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame BE22 9 KB
4 KB 459ms
50ms Script
application/javascript 23.61.252.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iF17KROIk8adFLuW3ESRMM&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Requested by: Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-83.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Sat, 09 Dec 2023 10:27:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BE22 3 KB
1 KB 478ms
51ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BE22 20 KB
9 KB 476ms
50ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE22 202 KB
64 KB 395ms
191ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 207ms
56ms Script
binary/octet-stream 18.65.185.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-12.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 16:21:32 GMT
via: 1.1 06dea94a9acccc89bf073f5b6e5408ea.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 19417853
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: qwTPjmLMmKdxEbxC1_1XOqzk7a3VCI5_3PC2eihRFDew9i92Tb_hNQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 76D6
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
243 B

111ms
107ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNV1akUUUkioIYDcZk6C_0uR-AbwTNq5Ij1FeynUSdaOA7hQPFTtR0R231LWlJcGiocikiRH_AuJeMf-jG3Y5qZtgGLoDA

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:12:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 76D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1

43 B
770 B

86ms
84ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNV1akUUUkioIYDcZk6C_0uR-AbwTNq5Ij1FeynUSdaOA7hQPFTtR0R231LWlJcGiocikiRH_AuJeMf-jG3Y5qZtgGLoDA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SPoOehopyZWKnyD31gzbeq6bw8TI8cZltsCHzzmSN1mFm1tGfZ75j%2FlAebZFYCE7vbmfSkvj%2BNaB03Eq3M272Cb%2BaYCTZtT%2Fwl3YGALhHauv1L3xpgiwcDnTP32wFxa7yKXRZw1i0KAXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832c78389fef833b-KIX
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 76D6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXQ9iNx9vzgpChm6luESQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1

43 B
736 B

59ms
58ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNV1akUUUkioIYDcZk6C_0uR-AbwTNq5Ij1FeynUSdaOA7hQPFTtR0R231LWlJcGiocikiRH_AuJeMf-jG3Y5qZtgGLoDA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLrb36RmiumwevynXzYwchSQm0RULY%2BA3UEXpFS2SJYrJfqVvWfQjCruWOhjMtr%2FE%2Bg8NiRmR7DZmmoKEqZNJrCGGBg0fM7R4GFRslA42jtgPsEcJhPYB0f%2B29v4F3JWVEGL7gLXmzfBSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832c783999d7833b-KIX
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDgmeW67rQqrxZ3502MIiRg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B798 484 B
726 B 135ms
73ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e11bf5bb05f9955458b12a5dd73cd9fd3d147ddc0175d6d362bc9218b79e4264

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 311
content-type: text/html
date: Sat, 09 Dec 2023 10:12:24 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B798
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=20eac2e6-e637-402c-857d-30de4caf371f&ttd_puid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0&gdpr_consent=

43 B
239 B

101ms
101ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=20eac2e6-e637-402c-857d-30de4caf371f&ttd_puid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=20eac2e6-e637-402c-857d-30de4caf371f&ttd_puid=b2695117-fbb4-738f-f350-b0718e506aba&gdpr=0&gdpr_consent=
date: Sat, 09 Dec 2023 10:12:25 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame B798
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9icCo5sAAAN-pZaUAAAAA

43 B
97 B

84ms
83ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9icCo5sAAAN-pZaUAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 09 Dec 2023 10:12:25 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"126.85.215.126","key":"ZXQ9icCo5sAAAN-pZaUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad400"}
X-SO-Key: ZXQ9icCo5sAAAN-pZaUAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad400
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXQ9icCo5sAAAN-pZaUAAAAA
Cache-Control: private
X-SO-HostName: m-ad400.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 91
Content-Length: 0
X-SO-LB-Hostname: a-tgng40002.dc2p.scaleout.jp
X-SO-IP: 126.85.215.126

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame B798
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZRGvO8IzMgHks8AEDqSZJQvhs8AAAGMThBgGA

43 B
97 B

82ms
81ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZRGvO8IzMgHks8AEDqSZJQvhs8AAAGMThBgGA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 5423423d57b2c3f0d27d9f0b9703082c.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZRGvO8IzMgHks8AEDqSZJQvhs8AAAGMThBgGA
cache-control: no-cache
content-length: 0
x-amz-cf-id: a2nwAu94GM14nyE1zNswcPgGotP-qv6e4gauAJ8Kf-suXLlNnCInWg==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B798 170 B
232 B 116ms
105ms Image
image/png 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUwNjgyZGQtMzJjMy0yZDJiLWU2YjAtZWFjODQ0YjJhNGRh

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHirgmqSeM4AU2D_GV_Eos&google_cver=1

43 B
171 B

69ms
67ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHirgmqSeM4AU2D_GV_Eos&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIHirgmqSeM4AU2D_GV_Eos&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 3F58 444 B
566 B 89ms
88ms Fetch
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5b7cb3d0fb16d33c0eb67ad84e23c78185cd4c71276f4e4bb8b115311dfe4ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4495627
expires: 0

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 444ms
218ms XHR
application/json 143.204.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=5752.810972484365&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-97.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 1b20a70471fb8bfb738e087db744bb71b731613be8258422970a821bc652b4d3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: r1rWLksQlU5VpQTECVxmxgwUc_CCbQhEhpTl-n6PCCGx_ln3Ws1Rag==

GET
DATA 200
OK truncated
/ Frame 5129 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 142e21ec877ac3ce88c9f8356d684a728b8bb102193c54facad5757d845ad44b

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5129 0
0 856ms
128ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2ZFRQywyuf0KKtvkS_O1abQhe1dkTxtNgdqelaetSL86cTIhIyEc8dGvvurTS9D3FVJopP-SkCjbcnS8VBT3mZkXv13R2vCSWHIZRLgSNmEmyEq_8DGBpUtCr78qYr-6ruMTO8_ZjiINsJORE4kyZg_iJAVeRZOVg_l6vHnT3TEw4bJcbz9k2X4hby84v-0Ow8sjthZAAhmJu6eGUCAz-Rauc4TNhW5GctBihmgoFsI3DPMfPl-qxesgot_nKIXBxJlkoNh9phobszhuJd645XG30wbdnPqQmuw-e6IpKhTZZ73NMj9PqjVl8Oz4fGxKQKgzUNFZZuoeYID5qgJMIIDgPZcvr78XR_7Tw2KiafQDBNSzW0cQr-6EmZQ&sai=AMfl-YQNfO3R4HoKPrAmHPA3TvaInCSlt-Uut53f-twkIa97okkFYBXcj6G94E95NKyrU2D0mg4mqRshDTZgDhofY3Gmv9h4AmL4bJChkVkz_gVVNLPbJOEwKj_9SPylb057ebsKd48F_kZOsY_tNAPVhOaPzNXKlQ5kiMZPiQ&sig=Cg0ArKJSzCsLX7DcjHVWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 10:12:25 GMT

GET
DATA 200
OK truncated
/ Frame D5C8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6af89af6e07249a5f89a7f74aa59053de1ea84a73ade39aeb150facf2f78e97

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C7F9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f846179b5172af062726bc9b26952499f18f07417cb4fb9901759e21383a5d70

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame E94C 8 KB
8 KB 581ms
143ms Font
font/woff2 142.250.207.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxotMdboZGuG91j3LBprNTWZW0Epgjz0piXiw9-Tv-_kGPivIFXX5int&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E7%94%BB%E5%83%8F%E3%81%8D%E9%96%8B%E3%83%83%E3%81%BE%E3%81%A6%E3%81%99%E3%82%92%E3%83%AA%E3%81%93%E3%81%97%E3%82%AF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f3.1e100.net

Software

ESF /

Resource Hash

672234d01f68a29b55fe61143e94ae1a25e1a3122b3a587f5adad89cac208c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8076
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:12:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame E94C 47 KB
48 KB 579ms
144ms Font
font/woff2 142.250.207.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:03:20 GMT
x-content-type-options: nosniff
age: 184145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 07:03:20 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 4F9C 10 KB
10 KB 35ms
34ms Document
text/html 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 56
content-length: 9921
content-type: text/html
date: Sat, 09 Dec 2023 10:11:50 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
x-amz-cf-id: 2e75KDJ4UqRuRHw6od07MOQI4Etlz0jF2LZTUIm_MjPbktXRmKIz0w==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame D8A5 11 KB
11 KB 47ms
46ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Sat, 09 Dec 2023 10:11:48 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 41
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: _f3k24pMfOAoYtiZjs39sf_M3q7EmP_pOjgIStuXejsp2K_hjT0fIg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 21BB 10 KB
10 KB 78ms
78ms Document
text/html 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 56
content-length: 9921
content-type: text/html
date: Sat, 09 Dec 2023 10:11:50 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
x-amz-cf-id: _d87qWTSr5Ih9lDtoTJ4BW32UhSe1IFTRHgk_sBzLJVr-hR-S0Z2rw==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame F8CC 11 KB
11 KB 77ms
77ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Sat, 09 Dec 2023 10:11:48 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 41
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: e_WPJVUgqLbmBfDhVoa-MsiUg1dkiWqVWxmLHl5yQHht0rtXFWtRUg==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E94C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

84ms
75ms

Image
text/html

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s35-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 4F9C 35 B
470 B 392ms
109ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 09 Dec 2023 10:12:25 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame D245 0
218 B 148ms
39ms Document
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:12:25 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 1541 332 B
473 B 6276ms
6202ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:12:31 GMT
referrer-policy: no-referrer

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 4F9C 409 B
632 B 151ms
42ms Script
application/javascript 52.196.195.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.196.195.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-195-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Dec 2023 10:12:25 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4F9C 5 KB
3 KB 195ms
60ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 09 Dec 2023 10:22:25 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 4F9C 0
217 B 151ms
43ms Image
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 4F9C
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
498 B

209ms
208ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google
m.holmesmind.com/ml/ Frame 4F9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1

0
474 B

156ms
93ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-guploader-uploadid: ABPtcPqOVBs18GoQ5Q2X61vwie9zlixOGyDqH4jtPPiXLFKLr81ymfcTT1Cs4gNKReyHpCwQhAtDyw5rarz0dSACHY0oSg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:12:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E94C 0
0 80ms
80ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7mRViD10ZeHJB6bG29gP9M-4sAOhmZfXdILG6LydEtugtY7FARABINLMgRpgiYvbhMgUoAHVkqrIKsgBAakCVwwSbPvAST7gAgCoAwHIAwqqBMUCT9CwysKDL-kifiNh_pUlw1np09wVnhYGirhk5Jud-fuIke4heqPxT_xvdTJkkKIAXrhKyCF7fU70o6uHjVyam4bepHzxY3tP49VStpqtuLkB_qhedZSSBvdKzTQS91l1fGR-zoa-oPJKv5h-Yy0wzJIBUpSgu73JjIXldqe032KAbr2KcxzSFMq0IUIKwsOH6eFw5hKrxqr8buhQqNy521ZKD2rX07jtm8Kn2z8cG951NpAvUKfaf6TiS0CfDHUATb_BC7DN5mjlyTU-ibqt20_Fg9U3F7wMd-2fiRVyRyqlLY3RLmjzH8cdPmS8grbnOW9j-5KrBd1_t6Jogukl-sMNoVXiaLdtAi9HMMGuKAL0DXGW9PDazpHyn6PQnVRFYKAGOH00FAgBDGage7fhkOL7O1HHNygQiAmq3T6P5L1TuZoEs8AEhJiEh9kE4AQBiAWV5KjGTZIFBAgEGAGSBQQIBRgEgAfVyvqnBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEO7mBNIIHQiAYRABGB0yAooCOgKAQEi9_cE6WNCtl_-OgoMDmgkgaHR0cHM6Ly9jYXJzaW5mb3IuY29tL2F1dG8tbmV3cy-ACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwRCgsQ4OL6pvHGhdnqARICAQPiDRMIoeuX_46CgwMVJuMWBR30Jw422BMC0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=32IamyLDgTA&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNoaYYCMFdm32nToTRhz-HEX_n3FUUm1xYJkpZBesY15O4mrWlUr_pfP0Cus1P1hhyB_u11Yb-6IuUEB56wuTov2BQ_tUOgY4RuhgB&template_id=5028&cbvp=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s35-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame D8A5 1 KB
673 B 145ms
57ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame D8A5 30 KB
30 KB 47ms
40ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Sat, 09 Dec 2023 10:11:56 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 33
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: 3bUTgBw3r_3lpP_7etLX1aQW43C75qQpiL7fdlPmOK5Eh9v_DXTYOA==

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 21BB 35 B
470 B 435ms
161ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 09 Dec 2023 10:12:25 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame F8CC 7 KB
1 KB 100ms
62ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame F8CC 30 KB
30 KB 55ms
42ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Sat, 09 Dec 2023 10:11:56 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 33
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: MFQohw6PX-L0d7ffETMCj1kfyZbxdam8YUlhxBSQhmxRVR9e10pNRQ==

GET
H2 200 1NMA3KFv_pn.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,ja_JP/ Frame AC2C 28 KB
6 KB 34ms
33ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,ja_JP/1NMA3KFv_pn.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

6604d53f95876c8b7cabb0609501f5b453662e925a10a2e8002ecf3df5858439

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ezGDj5kiP5CE9Y1p9bUbww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6352
reporting-endpoints
x-fb-debug: fqqA+KyUjztpf9yLiGyq5gSGUQ6M2Gj6PN+tRP/VsMQxz0guTRLWAU29W+4fsdCOyBX3MEGRgB1PgcJtJbDr8w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 00:42:15 GMT

GET
DATA 200
OK truncated
/ Frame AC2C 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 52LYZIhy45E.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame AC2C 61 KB
16 KB 50ms
47ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/52LYZIhy45E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: C2gh+uM0z58qULSGo8hJKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15948
reporting-endpoints
x-fb-debug: mqWL48wjgt1FyNZRvlejObhZzQAeJLUMi27O+3tKKyxohGJwKyapdK6nQYjjdRyzzgv8folI9vdDNdhS+5sbAQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:33 GMT

GET
H2 200 2_UQu_HhTQu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame AC2C 8 KB
3 KB 48ms
47ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9fmJr3THTP07qrIGN3DNCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2755
reporting-endpoints
x-fb-debug: HMaNtlbuCjQPb7EmW1j/VRg1zZmIGUS5Ky512yFhYQDsuGshkqxejSN/VEVnkq74Jc2IaOQAsaIe7N+BOCFXIg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:08:04 GMT

GET
H2 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame AC2C 25 KB
10 KB 48ms
47ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
reporting-endpoints
x-fb-debug: Lr2tatQQ2pAfLRBI7lIWSfa05UyW82wJJy6OUNTQbHSv+Y6xQ0nj7k6xuNcJhuqk/DQfSyLhWjQunM+PK3YEjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:18:30 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE22 0
58 B 70ms
69ms Ping
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3093409100084&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE22 0
56 B 124ms
124ms Ping
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3093409100084&version=m202309260101&ct=77&x=1&cor=17705448152181406000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BE22 20 KB
14 KB 113ms
113ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnWANGBxnV7uJtzjzKnf6AQTk7NeAxx5YhmCEixvV8uiV7k7sQLXogp3abZ3d2QJLDIZfODucCQypKpvVvTKM1OnYEER3QKvQSBZo89da-qvXO0JI4D5lR-RF5u03GcncRj29WCSv_ktwoNWEu9BgtllGdAa3rrCp0MHYOAdlgT6H8flA&cry=1&dbm_d=AKAmf-ATaxsfqB33sV8RTycUzMFmphJHBAuq4kTLuovb85fXhXdMBe9twTYva8XJReCzIeZj9LP7KgMXxiF2svexb3ygTiuPtP07KRGHaSSXY1xool_2NWQ0vaqEasyzGyFC5ommNNDTdsK_HyTcfs0BDCjI1StloIjKKkHoh0lr3Jo_Vwvs_Wqti3aedOiYT1OSZoaX2yfrjTbB9fA15Jbr3rCOlcoa81qWKZLFxC4BzrZFCbv4AJakuLfCjCSASo2e-fhotjlhJnyVRuY6A2NJBgK6KciVETBpcHydRJaawmLKupgoKkwr47_o-7XTOPpnLZaaoomxcYWM-dbDvpivqD8XYTqHr3Vdm4G807t_A2bIrwcT9rV3-f7f4PKLcXstSi3F1v0t25SxojJV6CKI5mI6rqN2g_nkxipDZ_21fm2xxuG0XuP7XsQM_jU1SKFzYpV4tbu6LDGuWYBS3AP3lIa2G-c-2ObnCDG1it0lPMiFXWkc7RzUEdsNcS5RMWKwu7EBqUwE4knZhUSawIKsj3Z5E54EDVdLLp5vXjuKTqkCFKQiNqkGoPlDUReB1yjIF6-5EtEkFoTVvPUrEkn-lk9lFhjGZQ9mzsDspSgohlM0492sL-COTp2s1_6nBmzm_DooYP6MMfU1lo2xyxeXVuws4LeyC_CVylx5uwfbbAFWmKBZBVKEJEmdXORVph_77Bo1WYTGxuXedha95Yt_Kezp0EV6H4-Unsxv27-O-Gt_Ja2D_LtcxkweuUY4aRhv9vs017XrtUjQxTclkz9ASHXXmcgGG4kds8w9XWXS70geN8zDCUv715KJf1-al-_HA7Aa_KNK6u45S6QUxpkkdrhHHfG9pbvv51oPBBl7tX-wgq1A6mdP8wAb43_pIqZnPIlcqNofApYC9iKsEF2JJXe5Nepuf5iqZkdAF28CJrIxHlm7nSuJoLNJGWaKXJJrxYjSekh6XciI1aqf2o_1ySQ-ItPslmW4arQHD91Ege1F6CwmhBGMF2wefkq68-9JvWkmfrs8xKbIxTPfEPIXC3zp2mBWD1_32fafbBHOJ5M5PX4D6sssosBOw23u5HutV72eI-RI78PZrOGeJRgaoVPt66XIAIRKHty6z97XyrBFsrDyWEgGjSR75SE5t8oBq_0UyjBg_nhyHTvjUwisfv6Y7naBeT3y0n9SIUacOjtTdWRL2fxe66QGwYBZbjyES5idn0kOfZmPOnRhtIjuI1LVlNsxy5a3bxSWvzOY0qceJCXV8L5r_iXbEdO0Ya_gwHprta1Aay-heobNjdbegwujMwHe6tBQ5CRvXMtFZKKIskcldo7NTMqZIPHJiOv6mQmKpW-kXedq-gNb4Jl_Eq9j4MAsWhKoNLfFIyBgTg3zYz1OyT_Uk0Z3ztF9S_R1mSqT4bwSlp_7SmP4MzNQh64ZwPELxrNn9K42ExudqRMv-de26FgcgLhsZ5BVKMubMEHuz1FK654M_P_HBQVXcKTQZiOHiVMXBjirFn5Ym2MJHNX3nkODBpnQulT0oL2uozqsFKE3o89D3IxiS-hpoEvLowvEXR4awUCyl4S9gpYGQxYyRCrialPKWg0h6tjjsw_IZXYajokqhc8QN3JCrTgxjiXU4LSJ53Cp--NTA3lPKd-Gi7_pQXbR-p8FZxCJL0SXKV36Lca-jiGsE1EKyO_lSnxo6RmXGpcPJ93gW6oAhmz3iI4TtZYmyHe6BhltwAS-xoIxMvSyi9p00rvscRx2B2URUWVdeLXgdW5Okg1Pk8mWKy5sfSoawv6d0J4-PQdlfDGrwaV-3jkOFMuzWvI8_g9VAdj_GBabrtdoDchElEVim1toF5-J75m4tx7oGXRcMzjsVDVWatL12Qr5bG09Fk5YgkPXIdlsg6hnnlw8I0T3MqMp78wLtzYbZXhUwTEj8Kbyc4g54owKiYV7ANnWLBXVZcKPIrOSD36HpSwafg9oQhonBn4-e4JslVUnKqPOp1u71e9pBxlulCbrTZXLBr7iZFeZMrbGzEMATm5H7del_dF3KPqMzoq404-D5_0TZytGvbWdfVlhMpmBJvX33MVjNidUcVVzkvj6TiBQ0t_JqcnzUzWM53uuD117D_W2oFANShXrWBW4NtQ4stdljYCGaTsEzAtSNASbBU2BsbYjJn7j4k0Gn9T6sX0_wSvYNuHUGV_cstcl6yIadOVwMIEk2A5i8uHfMFArnKMItK1Oc0IsUHp_MnV-wqYCjH54GyIEtxZuzl_rXS6gai2w4un7F4AsWyZ_A93IlebicYV5ItmoeNwZb-qkwak5TOB1XNttxsHyC-UOWMiPHwDqYUvg_FHY0GzjzWPMHLygdRDyGP6ynAPuHZ8znZku9fZ6ZzGgPIfx9H-Bw-3Rz8K_kWtDOo9LVwwHvj5WjdymWJxTTpqNxuh5V95FYWgirI_Ii7HFEyXDtUxATyf1iN-ts_Ttn-FCCpKfRE4pOCsD3VsusarcbeByIeS6XooqdUAe5KswjJ5WHvChb9wCeeC4Q4YCV3wZTWhKEYz0FoOzOJdklj31Uv9AG2DmIzNeRNUdf94folXHK4pUJ5gjmhLqmtFPRxa4sKaWUwQ4MmB6WLL37wc4a0_aLBIGq0c8Bz_64hhCDRhxxCQ3MyHJqf8RngjivUpkGV72BHeVaN3oQSNMdp1puRI9zHsz0ECm480rBGgcfnBqKifbtRQ0EsO01f3rvBJ9rmZzuURu2t0KsEvqICIJelrPNP4OSNAfMktZTPg7nvHLKg34LhDtf0XupknhXxY3W9WXDbxFZdHoFSJGCRuIQaatG8yw2rDFRqGoXlhdtzgJTZF3Zu-eN4QdP9wmkHWcvZI0OldDE5caPwvMn3FrjetnkpRECLJmPlR1FprM5-bd7nzpBmfuTOdx1DXxzonX0O__ibiK8ow2cSWh0r7sXy5H0b8k8sgam3Xd7XGD9MiYyPqFsNhi91tODyB4JEw_IXRSGIsONSJVkQDTsH2kL84wmGkv_hYAh4vtpr-HVGxNkZGGV-HfCmYpAiMNsClUEy5-XOVTQ4T6zUezjNJylSAYkr4CSdqz1hFc6upKxsFsK8CiQECx87LHF1hPtsEiqtnPq8LaRTiElaIO4lfOaLLMGrf0RTYeMFcqLTGDIjLXdJiqzYFxKoM2FOEKFYm_LzNrtfH4U85pU3g5vtY3ne2kiRE2y3smcxz9AShDqqbDVXBOqOnbuEIe4LIGu_tWcbdnkjrIuHpM15zczIjEg68VihizC6mjjjA0qk7BdKHoYcygJes_pxI4pcg_WPBpNW6oNVpm11ogg8a27Kh-MCuxyIfNaut2VIKC9WKiOa20iSRffcm8hL9wRLbQhXgib-Geg2dk9W4UIr4baPM9iVXskSNHNtQqL7_dw0hiJAHvqVxSa7oM1WJvjvn8NfOuDSVYddp7UivqXsRoYcAd4ZU_hZgzmG0jkeZQjeFZeCl6ozGLnRas0ev9pnYc6n-dl4FC8XhbPxTyH2qgE2NVJUm6E30nIO9LOuvA8lfZIjfaTrkx7lkvSoYtoA4z0mDmSFAk5KNay_rN0zLabEFy8eU9wRBUUEG_fwH2UvqzlwZ92czpSp5nVkQTI5QBthPkmaGJ5TLvqY4FnToFY0vTajVic7uO4Nn01WSrvj4lf1orkJvBt9n42DvX5xiQ0MUYXw9aTMRwGarhWbP7V-vD67LJ6zpkRg6SJ9C25cPO76Fc0okFqpZI9suDu7_eaVfqxAh-X96gCWvwlj4z4MgxcXQezH0fNEOv98SWyruzV7VAdZwfO9WVhPFUGg0gDVlh_SND9Lu7tb6z9WPzjpD65PhHlt7aoSBbFvoFij4il5BkWfQOnpgd3YRFa4oTSMgOV0bU0t18BsYC8iMIRpfo8ujnolrEj4CaSbA2WpkYHDVrPIWnLf9Se8qKxd6rR5d9cjR3rtMLjt17T89yWES4qC0D0z4d0BLnPyshlJbbjg-DAFBXuZC2nM3y6UY5mdedfN5at5uiTa-FwF7YmNqpNsSdjGyiavVFc0OGaoD4fkCuWLpfRWSp57rID-8Ad_gnrrvgbwC1KHPHZ-sVl4GRRSiJ-7OhjQ08QO0BtkXbosFTHmR_abEX8pwyjlsFVEkFdWpJBX6uIUeAIA5XpEw&cid=CAQSTgDICaaNoaYYCMFdm32nToTRhz-HEX_n3FUUm1xYJkpZBesY15O4mrWlUr_pfP0Cus1P1hhyB_u11Yb-6IuUEB56wuTov2BQ_tUOgY4RuhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=17705448152181406000&adk=1964084971&idt=640&cac=0&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

499e8bca2c5e7152068e00790400d102582a71138fafe9c2761a2672da601c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 21BB
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
499 B

190ms
189ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google
m.holmesmind.com/ml/ Frame 21BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1

0
55 B

67ms
67ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
age: 0
x-guploader-uploadid: ABPtcPqOVBs18GoQ5Q2X61vwie9zlixOGyDqH4jtPPiXLFKLr81ymfcTT1Cs4gNKReyHpCwQhAtDyw5rarz0dSACHY0oSg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:12:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEDQMJp8RS3gz7ZmBCyOnYK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 21BB 0
217 B 98ms
95ms Image
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.832/ 469 KB
139 KB 213ms
55ms Script
application/javascript 13.32.50.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-115.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:09:30 GMT
content-encoding: gzip
via: 1.1 6dfb7749b068f934616db797ff5b18ee.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 1476176
etag: W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ehwEaeG_u-8Vck1Az0AuOA6dhi-LviLoc8GNUmP4UQIsgLopl-S-dw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4F9C 202 KB
53 KB 77ms
77ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 10:12:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vNAqaxwo4KV/Lin+GsvfxZnzecmoKY8N1cM9neGGJh57GGybXnbOcr+OqrjIIN6adVWk9dct65jwGLCXpsi+AA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame D8A5 3 KB
1 KB 149ms
146ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=333&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1906-fI3sc0qfvKERdlTYushJk1Qjmmwrilt3&fp_uuid=1906-f8ace5c8087c5fa8bab53298a7b0de27&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b1c0a68288019435780959c3424fe419310b780da760bc9744e31f107b34a40c

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame D8A5 3 KB
3 KB 84ms
82ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 13
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: 6fguOA2DjHysuh7UfryDvQWtPwdY_MgfcYUWbrwyGjPXXTvpKGZj5Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame D8A5 131 KB
42 KB 87ms
84ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:12:25 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame D8A5 3 KB
4 KB 85ms
83ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Sat, 09 Dec 2023 10:11:50 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 57
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: tUg8Z19FxytUiJbct7YCtCCmmoI1z4qk3k43rXGCHEJKXwo7_LmpRA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame D8A5 3 KB
4 KB 85ms
83ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 13
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: IGB-izeyGOT6SDVQIG37mud8LnUWvf6igx2CMUJ9XXi31T8C0AzVAQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame D8A5 3 KB
4 KB 85ms
84ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Sat, 09 Dec 2023 10:11:49 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 38
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: UjO8VEFqoAxshady7rGd_S2OSzgRdq1alkPTCrcYKTjX8FWG2JXOCQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame D8A5 5 KB
6 KB 92ms
90ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 11
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: 28GnaVVgx6sRejzJI7Xjz1-O2-n_ANXi0QhGI0JMuj7sS2OXjiGAjg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame F8CC 2 KB
1 KB 112ms
111ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=851&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1906-fI3sc0qfvKERdlTYushJk1Qjmmwrilt3&fp_uuid=1906-f8ace5c8087c5fa8bab53298a7b0de27&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 195e0df98da82f20e97d996cd7a7b72c1ac94a03ec4514c90240962e32d31c56

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame F8CC 3 KB
4 KB 84ms
84ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Sat, 09 Dec 2023 10:11:49 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 38
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: VH9ZulL6xAS1IHH-xb9r_SQIzy7Ic8DikXrjRQNO4epntYQ_dPO0Sg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame F8CC 5 KB
6 KB 90ms
90ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 11
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: st162QVO53_dZi-h-Qw_fFS4vxp0ezaWxDamRfJmD4LDTBLdA6yr5w==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4F9C 37 B
408 B 144ms
144ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

3e46f04463ad894a0e86811482b478ec44878d45900ab2162d0a3e4876098cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/ Frame AC2C 1 KB
1 KB 71ms
70ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX_7GwwB&_nc_ht=scontent-itm1-1.xx&oh=00_AfA5sWhkOl-9vgpjXqExoaFRJ4v6y7YBbqU8lvOqyIMjlA&oe=65784515
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
thrift_fmhk: GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H2 200 10041237451703642184
external-itm1-1.xx.fbcdn.net/emg1/v/t13/ Frame AC2C 24 KB
25 KB 82ms
77ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://external-itm1-1.xx.fbcdn.net/emg1/v/t13/10041237451703642184?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2FCoupang%E9%85%B7%E6%BE%8E%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbG6Z6bBB68oriFn88lXUaGaVp6LxNDBRrpy7Rd9Fk6UfQ&oe=657630AA&_nc_sid=e42f53
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 4cae1a25d86e49521475bc48221489901b3b39d63c07e9889de221bad8d7ac16

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
last-modified: Sat, 18 Nov 2023 18:26:20 GMT
x-fb-original-response-code: 200
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2843534909
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
x-fb-original-response-reason: OK
content-length: 25039
alt-svc: h3=":443"; ma=86400

GET
H2 200 9383379062544900719
external-itm1-1.xx.fbcdn.net/emg1/v/t13/ Frame AC2C 32 KB
32 KB 93ms
87ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://external-itm1-1.xx.fbcdn.net/emg1/v/t13/9383379062544900719?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2F%E5%85%83%E5%A4%A7%E9%91%BD%E9%87%91%E6%99%BA%E5%AF%8C-icash-%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGen92nwHbO2RE8c4hVbX7HZuhiORSFy1pIvPN6SfDCmw&oe=6575D057&_nc_sid=e42f53
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: c7b4b5dc3ddc85576c11a8d1fe5d82316632454870c40f31616ccc4e249c4fc6

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
last-modified: Sat, 09 Dec 2023 08:25:41 GMT
x-fb-original-response-code: 200
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=264420440
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
x-fb-original-response-reason: OK
content-length: 32258
alt-svc: h3=":443"; ma=86400

GET
H2 200 377339650_120200301975300248_5194458254965859906_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t45.1600-4/ Frame AC2C 21 KB
21 KB 71ms
71ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t45.1600-4/377339650_120200301975300248_5194458254965859906_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=111&ccb=1-7&_nc_sid=528f85&_nc_ohc=jvO2BowEKi4AX_Z4Nzh&_nc_ht=scontent-itm1-1.xx&oh=00_AfAxUrT8fnWmZBqF034zgxRG2FlgRcQhYpkAncwRFQG5JA&oe=6578AA36
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: dbd47670b0bb46f0bf402a24a3793ed813de07921a104da141c9d68e5f5cd074

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 15 Oct 2023 12:04:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2355244660
thrift_fmhk: GBAIkjxM60YhqGYNyuU0UW9aFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 620079190
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 21355

GET
H2 200 377987026_690579996425570_2654391587099280527_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-6/ Frame AC2C 13 KB
13 KB 71ms
71ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-6/377987026_690579996425570_2654391587099280527_n.jpg?stp=cp6_dst-jpg_p160x160&_nc_cat=101&ccb=1-7&_nc_sid=ab7367&_nc_ohc=Awi1ilN6StcAX_TAcdA&_nc_ht=scontent-itm1-1.xx&oh=00_AfBxHyxSVI30N9ooMZ4naUK9fPDqluiWmwybOXz-IXVtOg&oe=65793774
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 142def09d9dbc6078f880d256cadd2e15f3808f149bfed6163de428ad0ab7d72

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 10 Sep 2023 13:30:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3507493438
thrift_fmhk: GBAenkctg/GF/j7zTImXdDjtFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3809633873
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13165

GET
H2 200 re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame AC2C 3 KB
3 KB 68ms
68ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
content-md5: i7RWZH3OINQHgRs93K4JmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2674
reporting-endpoints
x-fb-debug: DM1Cs+RBbTMWVsuDxQL9fIqvPvBbqjne4Lic0xd6ChY0Ua7mdpjXf+hgtqWIw43AsRK9uB4OK2Q6XrSFKqGOJw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:49 GMT

GET
H2 200 MKQzjVd1bVq.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame AC2C 548 B
978 B 67ms
67ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
content-md5: l20F61ct/3QC2rM+eGjRow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 548
reporting-endpoints
x-fb-debug: HtaBpQ9bLXaJ+mCHH+lbGpjlu6wwfjXq6hb1bVKPOeUaQAh+dAr4/K/qWRio4uYRJJ2+8PUdker/N8LrUsSbHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:03:52 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BE22 41 KB
14 KB 39ms
38ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnWANGBxnV7uJtzjzKnf6AQTk7NeAxx5YhmCEixvV8uiV7k7sQLXogp3abZ3d2QJLDIZfODucCQypKpvVvTKM1OnYEER3QKvQSBZo89da-qvXO0JI4D5lR-RF5u03GcncRj29WCSv_ktwoNWEu9BgtllGdAa3rrCp0MHYOAdlgT6H8flA&cry=1&dbm_d=AKAmf-ATaxsfqB33sV8RTycUzMFmphJHBAuq4kTLuovb85fXhXdMBe9twTYva8XJReCzIeZj9LP7KgMXxiF2svexb3ygTiuPtP07KRGHaSSXY1xool_2NWQ0vaqEasyzGyFC5ommNNDTdsK_HyTcfs0BDCjI1StloIjKKkHoh0lr3Jo_Vwvs_Wqti3aedOiYT1OSZoaX2yfrjTbB9fA15Jbr3rCOlcoa81qWKZLFxC4BzrZFCbv4AJakuLfCjCSASo2e-fhotjlhJnyVRuY6A2NJBgK6KciVETBpcHydRJaawmLKupgoKkwr47_o-7XTOPpnLZaaoomxcYWM-dbDvpivqD8XYTqHr3Vdm4G807t_A2bIrwcT9rV3-f7f4PKLcXstSi3F1v0t25SxojJV6CKI5mI6rqN2g_nkxipDZ_21fm2xxuG0XuP7XsQM_jU1SKFzYpV4tbu6LDGuWYBS3AP3lIa2G-c-2ObnCDG1it0lPMiFXWkc7RzUEdsNcS5RMWKwu7EBqUwE4knZhUSawIKsj3Z5E54EDVdLLp5vXjuKTqkCFKQiNqkGoPlDUReB1yjIF6-5EtEkFoTVvPUrEkn-lk9lFhjGZQ9mzsDspSgohlM0492sL-COTp2s1_6nBmzm_DooYP6MMfU1lo2xyxeXVuws4LeyC_CVylx5uwfbbAFWmKBZBVKEJEmdXORVph_77Bo1WYTGxuXedha95Yt_Kezp0EV6H4-Unsxv27-O-Gt_Ja2D_LtcxkweuUY4aRhv9vs017XrtUjQxTclkz9ASHXXmcgGG4kds8w9XWXS70geN8zDCUv715KJf1-al-_HA7Aa_KNK6u45S6QUxpkkdrhHHfG9pbvv51oPBBl7tX-wgq1A6mdP8wAb43_pIqZnPIlcqNofApYC9iKsEF2JJXe5Nepuf5iqZkdAF28CJrIxHlm7nSuJoLNJGWaKXJJrxYjSekh6XciI1aqf2o_1ySQ-ItPslmW4arQHD91Ege1F6CwmhBGMF2wefkq68-9JvWkmfrs8xKbIxTPfEPIXC3zp2mBWD1_32fafbBHOJ5M5PX4D6sssosBOw23u5HutV72eI-RI78PZrOGeJRgaoVPt66XIAIRKHty6z97XyrBFsrDyWEgGjSR75SE5t8oBq_0UyjBg_nhyHTvjUwisfv6Y7naBeT3y0n9SIUacOjtTdWRL2fxe66QGwYBZbjyES5idn0kOfZmPOnRhtIjuI1LVlNsxy5a3bxSWvzOY0qceJCXV8L5r_iXbEdO0Ya_gwHprta1Aay-heobNjdbegwujMwHe6tBQ5CRvXMtFZKKIskcldo7NTMqZIPHJiOv6mQmKpW-kXedq-gNb4Jl_Eq9j4MAsWhKoNLfFIyBgTg3zYz1OyT_Uk0Z3ztF9S_R1mSqT4bwSlp_7SmP4MzNQh64ZwPELxrNn9K42ExudqRMv-de26FgcgLhsZ5BVKMubMEHuz1FK654M_P_HBQVXcKTQZiOHiVMXBjirFn5Ym2MJHNX3nkODBpnQulT0oL2uozqsFKE3o89D3IxiS-hpoEvLowvEXR4awUCyl4S9gpYGQxYyRCrialPKWg0h6tjjsw_IZXYajokqhc8QN3JCrTgxjiXU4LSJ53Cp--NTA3lPKd-Gi7_pQXbR-p8FZxCJL0SXKV36Lca-jiGsE1EKyO_lSnxo6RmXGpcPJ93gW6oAhmz3iI4TtZYmyHe6BhltwAS-xoIxMvSyi9p00rvscRx2B2URUWVdeLXgdW5Okg1Pk8mWKy5sfSoawv6d0J4-PQdlfDGrwaV-3jkOFMuzWvI8_g9VAdj_GBabrtdoDchElEVim1toF5-J75m4tx7oGXRcMzjsVDVWatL12Qr5bG09Fk5YgkPXIdlsg6hnnlw8I0T3MqMp78wLtzYbZXhUwTEj8Kbyc4g54owKiYV7ANnWLBXVZcKPIrOSD36HpSwafg9oQhonBn4-e4JslVUnKqPOp1u71e9pBxlulCbrTZXLBr7iZFeZMrbGzEMATm5H7del_dF3KPqMzoq404-D5_0TZytGvbWdfVlhMpmBJvX33MVjNidUcVVzkvj6TiBQ0t_JqcnzUzWM53uuD117D_W2oFANShXrWBW4NtQ4stdljYCGaTsEzAtSNASbBU2BsbYjJn7j4k0Gn9T6sX0_wSvYNuHUGV_cstcl6yIadOVwMIEk2A5i8uHfMFArnKMItK1Oc0IsUHp_MnV-wqYCjH54GyIEtxZuzl_rXS6gai2w4un7F4AsWyZ_A93IlebicYV5ItmoeNwZb-qkwak5TOB1XNttxsHyC-UOWMiPHwDqYUvg_FHY0GzjzWPMHLygdRDyGP6ynAPuHZ8znZku9fZ6ZzGgPIfx9H-Bw-3Rz8K_kWtDOo9LVwwHvj5WjdymWJxTTpqNxuh5V95FYWgirI_Ii7HFEyXDtUxATyf1iN-ts_Ttn-FCCpKfRE4pOCsD3VsusarcbeByIeS6XooqdUAe5KswjJ5WHvChb9wCeeC4Q4YCV3wZTWhKEYz0FoOzOJdklj31Uv9AG2DmIzNeRNUdf94folXHK4pUJ5gjmhLqmtFPRxa4sKaWUwQ4MmB6WLL37wc4a0_aLBIGq0c8Bz_64hhCDRhxxCQ3MyHJqf8RngjivUpkGV72BHeVaN3oQSNMdp1puRI9zHsz0ECm480rBGgcfnBqKifbtRQ0EsO01f3rvBJ9rmZzuURu2t0KsEvqICIJelrPNP4OSNAfMktZTPg7nvHLKg34LhDtf0XupknhXxY3W9WXDbxFZdHoFSJGCRuIQaatG8yw2rDFRqGoXlhdtzgJTZF3Zu-eN4QdP9wmkHWcvZI0OldDE5caPwvMn3FrjetnkpRECLJmPlR1FprM5-bd7nzpBmfuTOdx1DXxzonX0O__ibiK8ow2cSWh0r7sXy5H0b8k8sgam3Xd7XGD9MiYyPqFsNhi91tODyB4JEw_IXRSGIsONSJVkQDTsH2kL84wmGkv_hYAh4vtpr-HVGxNkZGGV-HfCmYpAiMNsClUEy5-XOVTQ4T6zUezjNJylSAYkr4CSdqz1hFc6upKxsFsK8CiQECx87LHF1hPtsEiqtnPq8LaRTiElaIO4lfOaLLMGrf0RTYeMFcqLTGDIjLXdJiqzYFxKoM2FOEKFYm_LzNrtfH4U85pU3g5vtY3ne2kiRE2y3smcxz9AShDqqbDVXBOqOnbuEIe4LIGu_tWcbdnkjrIuHpM15zczIjEg68VihizC6mjjjA0qk7BdKHoYcygJes_pxI4pcg_WPBpNW6oNVpm11ogg8a27Kh-MCuxyIfNaut2VIKC9WKiOa20iSRffcm8hL9wRLbQhXgib-Geg2dk9W4UIr4baPM9iVXskSNHNtQqL7_dw0hiJAHvqVxSa7oM1WJvjvn8NfOuDSVYddp7UivqXsRoYcAd4ZU_hZgzmG0jkeZQjeFZeCl6ozGLnRas0ev9pnYc6n-dl4FC8XhbPxTyH2qgE2NVJUm6E30nIO9LOuvA8lfZIjfaTrkx7lkvSoYtoA4z0mDmSFAk5KNay_rN0zLabEFy8eU9wRBUUEG_fwH2UvqzlwZ92czpSp5nVkQTI5QBthPkmaGJ5TLvqY4FnToFY0vTajVic7uO4Nn01WSrvj4lf1orkJvBt9n42DvX5xiQ0MUYXw9aTMRwGarhWbP7V-vD67LJ6zpkRg6SJ9C25cPO76Fc0okFqpZI9suDu7_eaVfqxAh-X96gCWvwlj4z4MgxcXQezH0fNEOv98SWyruzV7VAdZwfO9WVhPFUGg0gDVlh_SND9Lu7tb6z9WPzjpD65PhHlt7aoSBbFvoFij4il5BkWfQOnpgd3YRFa4oTSMgOV0bU0t18BsYC8iMIRpfo8ujnolrEj4CaSbA2WpkYHDVrPIWnLf9Se8qKxd6rR5d9cjR3rtMLjt17T89yWES4qC0D0z4d0BLnPyshlJbbjg-DAFBXuZC2nM3y6UY5mdedfN5at5uiTa-FwF7YmNqpNsSdjGyiavVFc0OGaoD4fkCuWLpfRWSp57rID-8Ad_gnrrvgbwC1KHPHZ-sVl4GRRSiJ-7OhjQ08QO0BtkXbosFTHmR_abEX8pwyjlsFVEkFdWpJBX6uIUeAIA5XpEw&cid=CAQSTgDICaaNoaYYCMFdm32nToTRhz-HEX_n3FUUm1xYJkpZBesY15O4mrWlUr_pfP0Cus1P1hhyB_u11Yb-6IuUEB56wuTov2BQ_tUOgY4RuhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=17705448152181406000&adk=1964084971&idt=640&cac=0&dtd=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjc0NTUyNjU1MwogIHNlcnZlcl9pcDogMzQ1NTc2MTIKICBwcm9jZXNzX2lkOiAyODU1MzE1MDMKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogOTIxMjI1Mgph...
ad.doubleclick.net/ddm/activity/ Frame BE22 0
858 B 234ms
122ms Image
image/png 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjExNjc0NTUyNjU1MwogIHNlcnZlcl9pcDogMzQ1NTc2MTIKICBwcm9jZXNzX2lkOiAyODU1MzE1MDMKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogOTIxMjI1MgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vYWRvYmUuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDQ3ODQwNTI5OTcyMTg1MTQ4MQpkZWJ1Z19rZXk6IDEyMTQwOTk0MDcxNTQzMjUyNjQyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjI0MjAzODgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDc0MDA4NjA3NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNTIzNTQ3MDIyMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM5NjMyODA3OAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZnJhbWUuaW8iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa625d7452d0e82a70000000000000000","13":"0x6fbb6c39ff2604d00000000000000000","14":"0xc79a3399dbc8d8da0000000000000000","15":"0x8c3d11181b97e560000000000000000"},"debug_key":"12140994071543252642","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"478405299721851481"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame BE22 60 KB
20 KB 40ms
40ms Script
application/javascript 23.61.252.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iF17KROIk8adFLuW3ESRMM&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&turl=https://reurl.cc/gaOWLp&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-83.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sun, 08 Dec 2024 10:12:25 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame D8A5 0
171 B 395ms
194ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame D8A5 2 KB
2 KB 254ms
67ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.022803168203922253
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 7b2f98c8df9696960e03c50f6fca44df90124fd30d84c9516009d9f060d604cd

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Sat, 09 Dec 2023 10:12:25 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D8A5
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=IVwhxpC-Aruy4MeEiT10ZQ

2 B
159 B

66ms
66ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=IVwhxpC-Aruy4MeEiT10ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=IVwhxpC-Aruy4MeEiT10ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F8CC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Iy3fz7gJCZqXRFoaiT10ZQ

2 B
130 B

181ms
181ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Iy3fz7gJCZqXRFoaiT10ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Iy3fz7gJCZqXRFoaiT10ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F8CC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=CK50KXV9DzKc4xaOiT10ZQ

2 B
130 B

183ms
182ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=CK50KXV9DzKc4xaOiT10ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=CK50KXV9DzKc4xaOiT10ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F8CC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=8IHgWBdACiCJIvPLiT10ZQ

2 B
130 B

185ms
184ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=8IHgWBdACiCJIvPLiT10ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=8IHgWBdACiCJIvPLiT10ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F8CC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=q2jE0XZ_B72Bjtl6iT10ZQ

2 B
130 B

67ms
66ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=q2jE0XZ_B72Bjtl6iT10ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=q2jE0XZ_B72Bjtl6iT10ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame F8CC 13 KB
13 KB 52ms
48ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=851&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1906-fI3sc0qfvKERdlTYushJk1Qjmmwrilt3&fp_uuid=1906-f8ace5c8087c5fa8bab53298a7b0de27&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 26
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: 0rhgIlQZxpZh7b1QxmysR1IQLAugq2BhaNESIL-XD-xcDHyc6gu9KQ==

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D8A5
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=RGx8mb12BRyLvzL_iT10ZQ

2 B
130 B

77ms
76ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=RGx8mb12BRyLvzL_iT10ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 10:12:25 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=RGx8mb12BRyLvzL_iT10ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D8A5 0
187 B 471ms
55ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=2x6ah19DcWElMkZzNXZvJTJCV2V1NE9yTGJ1Y2lCaFdnWlpkSmFQcExEUU16VFh5SDQlMkZ3UGxYYzdVRGx4YmhVRkF1clNVWWZBbjY0Q05samRHdjE3Z2RDcGRNUmM0U2VRcXVJJTJCczBjRVpwZnBEOGo4WVhFTzllaE02ajVSOFppWE9LeGhiTEM5QjJ6dFZrcXBpV1ppenp1JTJGRjNYOCUyRlElM0QlM0Q&cb=34834118622

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame BE22 443 B
578 B 187ms
119ms Script
text/javascript 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_411745678401&jsTagObjCallback=__tagObject_callback_411745678401&num=6&ctx=1828362&cmp=115752&plc=4398657&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=411745678401&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&turl=https://reurl.cc/gaOWLp&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iF17KROIk8adFLuW3ESRMM&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTau%60ac_gggfe446dhcb6g%604f6_23hfd2aaf%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=8.20&callbackName=__verify_callback_411745678401
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 2949776fe5a33b85239c5501deb9565752b0cc4662c281a39edc27eaeec5e709

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:25 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/08/2023 10:12:25

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F49 38 KB
13 KB 32ms
32ms Document
text/html 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 224870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame D8A5 13 KB
13 KB 40ms
40ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=333&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1906-fI3sc0qfvKERdlTYushJk1Qjmmwrilt3&fp_uuid=1906-f8ace5c8087c5fa8bab53298a7b0de27&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Sat, 09 Dec 2023 10:12:25 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 26
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: AIHh1kwJ5EoW8Sf0NA9YmzAM_dRc-LuwZCTKXYslDxUJGmXjHBSndA==

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D8A5 5 KB
3 KB 113ms
113ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 09 Dec 2023 10:22:25 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame F8CC 5 KB
3 KB 123ms
123ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 09 Dec 2023 10:22:25 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F49 39 KB
15 KB 82ms
81ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 23:57:31 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 48 B
591 B 840ms
188ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.14580080864485523
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:26 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 48

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame D8A5 36 B
400 B 72ms
71ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0dcc5adc588fdbe0a7b4786c78c8b5fbeb736c55a7df93e73ae54ccb10a3cb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame F8CC 36 B
400 B 108ms
108ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0dcc5adc588fdbe0a7b4786c78c8b5fbeb736c55a7df93e73ae54ccb10a3cb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/115752;4398657;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedJPDSKBAN300x250/ Frame BE22 2 KB
1 KB 176ms
89ms Script
text/javascript 2.18.148.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/115752;4398657;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=872238.2855939441&ft_dv=%5B%25ft_dv%25%5D

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.148.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-148-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app7.tky11 /

Resource Hash

280b3ba799b39d39105d5855f5fdfee5f23bd85221c36664fc29e142a2c0dc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app7.tky11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 806
Expires: Sat, 09 Dec 2023 10:12:26 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame B8B8 424 KB
101 KB 42ms
42ms Script
application/javascript 23.61.252.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-83.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sun, 08 Dec 2024 10:12:25 GMT

GET
DATA 200
OK truncated
/ Frame BE22 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e90ee5cd10e36b571a3ce94b810a09fbdb72d80720f05ce14fceae47a5b8da

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C7F9 0
0 370ms
69ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoF6H0QFRKkP_04O27nwjuRfUzLkWptqZ7AIlohBh9_LTGTA5PzKIg2_uNxRxASCZiHBc3dIVjmZ4uZlTny61J3KOuHQQROl3T2O6RPkzsYji2BJOE7ScQEgEKFgyHkUg--dlkwMXNL8XjdALRc3tMpU2cp1nWTOjaEi7GEeE0tW79mVUY0bpxaBDpDVkZjO_iB7_wihU7oIYMLFTdrKzVASdE3gS_JakgZz_f4HJcB7xyVtL2gwexJKgDfmZwOQV16MNYsPRlMQwY-VYADlVeH8dmf2HFzbxFMYKC00kRnuXBsJ5QIbUWQfdZI3amz8aJKWQDMjj13I-HKuMCcw-MPVSbHvMDvoVVGjQqL4LJqOzwAcTXQMZiibxMfur1UXM&sai=AMfl-YS74V1OksJiiE0Skq475ME0k74MWKAmFaXF6Fc5-czYFN6YNjl7MmoMYOqqEd78LCGDYHrD9tzUDCWgeX8KdflIp8K-u3bzi9HUqVSbF6sLPQWp-ZvIumuoA2-Eo_iZ9uR8r7sPZeOul-X6hGP767vtLeI9P8ZyPS4xcQ&sig=Cg0ArKJSzPMpARJi1ykfEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 10:12:26 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame D8A5 30 B
271 B 98ms
98ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=16aaa93f-db19-42f2-9a72-2b9804af13a1

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B8B8 699 B
733 B 289ms
175ms Script
text/javascript 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=79&ttfrms=17&brid=3&brver=120.0.6099.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTau%60ac_gggfe446dhcb6g%604f6_23hfd2aaf%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1702116745956543&jsCallback=dvCallback_1702116745956890&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iF17KROIk8adFLuW3ESRMM&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=449233607217&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=57371119.49587859&ee_dp_sukv=57371119.49587859&dvp_tukv=89847545.13381565&ee_dp_tukv=89847545.13381565&dvp_tuid=1308934194471&jurtd=2778572850
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: a53d2637ac425baf486da24efe01fe06bc702bd5b2ab4cbfe93d3d713d5494c8

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/08/2023 10:12:26

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 4F9C 0
194 B 61ms
60ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=16aaa93f-db19-42f2-9a72-2b9804af13a1

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
16aaa93f-db19-42f2-9a72-2b9804af13a1.t.ssp.hinet.net/ Frame 4F9C 0
79 B 120ms
66ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://16aaa93f-db19-42f2-9a72-2b9804af13a1.t.ssp.hinet.net/pixel?bd=16aaa93f-db19-42f2-9a72-2b9804af13a1&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 Live_Streaming.js Show response
cdn.holmesmind.com/js/modle/ Frame D8A5 40 KB
40 KB 36ms
36ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: X_aLocCqsmqPAx2U1E3_4JQDn3OISwiD
date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 06:48:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 8
x-amz-server-side-encryption: AES256
etag: "d51f4efc881ddc4b5200ee509878d138"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 40584
x-amz-cf-id: Fu59uBX_JVFlMcLQ7hCz8O6nwwnXulK35KRZHCWg2iGyH-t3WChZ9w==

GET
H/1.1 200
OK j-4398657-4476205.js Show response
cdn.flashtalking.com/xre/439/4398657/4476205/js/ Frame BE22 62 KB
17 KB 170ms
68ms Script
text/javascript 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/439/4398657/4476205/js/j-4398657-4476205.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115752;4398657;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=872238.2855939441&ft_dv=%5B%25ft_dv%25%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 005e3bf07cdf231d21b04c023a2d1fbb2689890c60fcc967a6aedcf40789744e

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 05:33:13 GMT
Server: Flashtalking (AKA)
ETag: W/"4c9088af79249e0a2e781263ccb018dc"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 330989818
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=768
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17210
Expires: Sat, 09 Dec 2023 10:25:14 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F49 0
56 B 71ms
71ms Image
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BETZziT10ZdmRIKydvcAP77qTiAEAAAAAOAHgBAI&bg=!0tGl0Z7NAAY3kmNgF5I7ADQBe5WfOPbLDd1xr3L00wLCGQT_4U5anybf0RxdLYa9YrQ9gdfPJSNp0pJTQNzIE3Nq0W31AgAAAN9SAAAAAmgBB5kDMQ4MGAKiiQdXVElv3O0_cqqWS3d2OML3_NDvSnXD_IJE7STpyWldTh_m9DoB1kFB40apNaoTKisPPrNLm2ODUYhgmX1zA86VvtqMMwBHc0PtF9jFpf0wSG5RTsspXZYjzDT_s8fSeTDDJfu_bvrhc3cIi5ZQO8R4E5-sl_s3TgyC8D-ixZX7HvW-OlbdylIwYWNt1R6fE9XIxMQxeudR7zJGx6yP4YHMOTGvQcvPjs4zliBiKT5qXh0nXpgkk4dqHSFVQo2adFFdAqESC0-HHXRAk28m6FPfMsd_3vvu19W-kUjQI9XXqOoLeNdfEcehbzPg_QLb64pHydM0iYLmNbMgknPcM8-CB6ouaEEN6UQ026PrLsF_5rDRcnInDtmIttXX6Z685QeP7QKA2Cojj64XT7J84AB_GnB2cUCbEYDyE9wUC69a8G5Wu-B7j3OrkBZeDo3_ZOBTTEMqROCGyEJm3LMsqxTk0_E9l09N8uxlr1OELQwso5KjrZ_1vxWMKry9_5cDAnWc6aQLxZhabjXPedsaYvhwgUHuh2IW-MROppGpwBd3mGeE1XbCLD9X9dA7-ESlL89u0ieOYEBI5BwJYe-r6vqzOEM64SGmyKDbfQ4b6TRKb8ooRuNS6c1OWYIiyxyQc4f3BzKBgFYR-neHXYQ3j0y1eJ3ZYTwbnEaDZF4a2O4mD_gNarlvW6k1clwX-qaHCD0X0on2hgu_6E6szLE5ZuEDQ7SkxMDb3cFx3r4liJ7h_qGwlJZhSQkHseYcQFH1fRSW5Y3qDILIeEfpNoxuWArlTTRmu_ymd0WbF41dGGczydk8yhrt0SVe7kTAb_M_iPF5xx5xCepGzDT16B6sPUe0bTOKixtE4rjDIBjQTY9lLSMfE6SsEAWTd7uNRsFHRz-kmjrsmEKhxGdidwsH8qEk4GPeU8vqNOQ-rI9HdlLg_rqclRlkcltoxOBA6L7dkqtuSqdcAFzQxXyid6YvfpUbfCpWrW6VDJYGJhX-K2Tz0ekC5OYJFAj0jouj1YhGLpUfq40WhZJYoYCdvm8kPgztlUhG1KkJIATYXU1vu3jJ3HA8rcUMNs16rZQ

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 609a296ec62f194de981d39962985aa6.jpg
cdn.holmesmind.com/image/23000/ Frame 7DF6 23 KB
23 KB 50ms
49ms Image
image/jpeg 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/23000/609a296ec62f194de981d39962985aa6.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e76120de695e8ada80fa020a780e36ffbabe2d750c1dc46d4934545d11aa8c81

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:43:20 GMT
x-amz-version-id: nUW5W2sNukKkWhE6AludKVT9BqfI6Fi3
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 05:38:18 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 5347
etag: "0e8a4fcfea83f153c3cc31c3043bc3e2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 23525
x-amz-cf-id: XclN6GFdEo2xx0OhIg9Yfpk1CTW_ITbN-BdPr0-6qbsE1GruNlXSPg==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 7DF6 2 KB
2 KB 63ms
62ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 24
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: rOngtX1bQ0GIDxVj9laCZblYFE0OMHgeguYplnHft4icEMJ4OXa5dA==

GET
H2 200 v_sdk.js Show response
cdn.holmesmind.com/js/modle/v/ Frame 7DF6 192 B
590 B 64ms
63ms Script
application/javascript 143.204.126.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-52.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date: Sat, 09 Dec 2023 10:12:26 GMT
via: 1.1 bba78bfbd484c60cfae4e0344a831724.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:17 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 8
x-amz-server-side-encryption: AES256
etag: "8644272abfaa44219b2ed3d118b43dbc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 192
x-amz-cf-id: cr0Iv1t-UHrS7O1SdT31ni-3BlHdYINL1w_wX7-M0jkqMMsEePva2g==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 7DF6 3 KB
2 KB 50ms
50ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b50ba7cca50fd61ab72172f422203982d913084cb5f50731e79cd82aa00ad621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:26 GMT
content-md5: 8xruSJLeF4ueOyPw+Ow1/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: rOaZnzIE35YTehJZS7aqBgMUbVDHWg4ADkbFkZXgwZWtCi9JCwKi5jLukx7MnCv5IRXmeBphSyUHDp9j+HwS8Q==
x-fb-content-md5: 79bb9e54fa05ad6df63f92f2c0bf9a9f
cross-origin-opener-policy: same-origin-allow-popups
etag: "b1e20c0b622033388a288df5279d6a89"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:14:20 GMT

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame D8A5 0
77 B 51ms
50ms Image
image/png 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1702116745&p=14210:107138:202675:6d6ab656b51ebe4643d7966a10f26a77:23000
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/png
date: Sat, 09 Dec 2023 10:12:26 GMT
server: nginx/1.14.0 (Ubuntu)

POST
H2 204 events
bidder.criteo.com/csm/ Frame D8A5 0
186 B 80ms
80ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 10:12:25 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame D8A5 43 B
365 B 45ms
44ms Image
image/gif 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 03 Dec 2024 10:12:26 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame D8A5 43 B
365 B 45ms
45ms Image
image/gif 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 03 Dec 2024 10:12:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 7DF6 302 KB
87 KB 337ms
36ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b66a5e96315503119dc4fd44a11a6a1e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

ac0bbdb325a55aa396c1b2c24b5213bc7d05634d182abceb6ddda30042e2373b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://reurl.cc/gaOWLp
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:26 GMT
content-md5: 5ter94zajHG8edW8UvtOlw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88320
reporting-endpoints
x-fb-debug: TXXJlmFc48UDhaetzzdFUKF15KphHrSF3NyXAhjhveRp7j5n7Yrytcri79kGAGF/njLx7r2bwAkxEuCLMCOKvw==
x-fb-content-md5: 7e28fa49471bdeaf2f15018a0e5588ec
cross-origin-opener-policy: same-origin-allow-popups
etag: "713e630b28cd84088f788dd4d49a3b90"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 08:43:42 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5129 42 B
404 B 791ms
87ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu96hXGla9nV8-VxsVhgcgyEhQIRfkq9Gm54j763sLyCzNBuR-WQdZuo3ejEaJ__5NySsSeybyKnW0rIp97XQbCqE3aLK2-QZts-Y8y_p6CjX1XEYMNniVCFaYj-bvYljmyMdRlRgygwQ&sai=AMfl-YSINZoVi2dSs1oKzxEq5gYE_T8ZQ6PiOQBLG1jSPEBtkGZ5xEo&sig=Cg0ArKJSzFE3maA84lKoEAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116744503&rpt=672&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame BE22 11 KB
11 KB 280ms
34ms Script
application/javascript 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/439/4398657/4476205/js/j-4398657-4476205.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: 17b700905eb47ff2f3a56d3a83340090ff51416fbce59ebf5b61eebd19ed72fd

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Content-Type: application/javascript;charset=utf-8
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 10814

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/116351/4476205/ Frame 875F 3 KB
2 KB 54ms
53ms Document
text/html 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/116351/4476205/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/439/4398657/4476205/js/j-4398657-4476205.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: e81a8bc3672a3af461ae1579ad7b9c955a22ca3b81a0d645b380f33ff64bfdb1

Request headers

Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=981
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1405
Content-Type: text/html
Date: Sat, 09 Dec 2023 10:12:26 GMT
ETag: W/"af10115ac5aa3135f0e37e22bd37350b"
Expires: Sat, 09 Dec 2023 10:28:47 GMT
Last-Modified: Thu, 28 Sep 2023 16:59:22 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-FT-Origin: us
X-Varnish: 643482818 642999947

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame BE22 9 KB
4 KB 53ms
53ms Script
application/javascript 23.61.252.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115752&sid=18330&plc=4398657&num=&adid=&advid=&adsrv=29&btreg=4398657&btadsrv=flashtalking&crt=4476205&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=411A3965-2380-5A88-6BD0-73B804810D4A&auevent=&907157095
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/439/4398657/4476205/js/j-4398657-4476205.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-83.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Sat, 09 Dec 2023 10:27:26 GMT

GET
H/1.1 200
OK iconc.png
secure.flashtalking.com/oba/icon/ Frame BE22 1 KB
2 KB 167ms
60ms Image
image/png 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 394860326 286221358
Content-Type: image/png
Cache-Control: max-age=710840
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Sun, 17 Dec 2023 15:39:46 GMT

GET
DATA 200
OK truncated
/ Frame BE22 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame AA7A 90 KB
29 KB 101ms
100ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

5a593b33d3e42a30cf2d40df0a405391c5fb2bf874f357be9b3026632e9b83d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29444
x-xss-protection: 0
server: cafe
etag: 333 / 19700 / 31080021 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:26 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E94C 42 B
110 B 73ms
73ms Image
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZeSYxDDIDDtpAESV8RuOqb_K1rgkOCt4A8_c3GaDpH5j3X7EtK8Ur9gPHjU9fqMNZiNmyCBG52PPnbOc0K1QgbCCYU3j3tTm0At91SVdWNU3rxK23LRmELtkLieb4JmdE8510PeuLQw&sai=AMfl-YSBeSS51acGWYKi8DysCNMKPhhnzuKbTuvi9m5Zrlc75jvyAMnOcxcX472iyCdjWtqTIR3Uo0Jh_jeaXXw4jae0no2Cx56LEmGiyLofQL3NGXYNrzaV541-otKB4TVWKIT7SLb2NnH2QUDqh67QUMPXFuh3xMY2MsU&sig=Cg0ArKJSzI70ub8DStvYEAE&cid=CAQSTgDICaaNoaYYCMFdm32nToTRhz-HEX_n3FUUm1xYJkpZBesY15O4mrWlUr_pfP0Cus1P1hhyB_u11Yb-6IuUEB56wuTov2BQ_tUOgY4RuhgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=662&tls=1662&g=100&h=100&tt=1662&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame 8EBA 424 KB
101 KB 35ms
34ms Script
application/javascript 23.61.252.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-83.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sun, 08 Dec 2024 10:12:26 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 875F 236 KB
63 KB 547ms
71ms Script
text/javascript 23.204.139.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/116351/4476205/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.204.139.138 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-139-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: ja-JP
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:27:26 GMT

GET
H/1.1 200
OK index.js Show response
cdn.flashtalking.com/116351/4476205/ Frame 875F 124 KB
25 KB 50ms
50ms Script
application/javascript 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/116351/4476205/index.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/116351/4476205/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7e38d8da0d09fa92885460a6e6afdcff749709b334a9856f181820456877b619

Request headers

accept-language: ja-JP
Referer: https://cdn.flashtalking.com/116351/4476205/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: gzip
X-FT-Origin: us
Connection: keep-alive
Content-Length: 25201
Last-Modified: Thu, 28 Sep 2023 16:59:23 GMT
Server: Flashtalking (AKA)
ETag: W/"d85839c6e1d37889152150a64bf43d57"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding
Cache-Control: max-age=981
X-Varnish: 319259500 318330604
Accept-Ranges: bytes
Expires: Sat, 09 Dec 2023 10:28:47 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/ Frame 875F 69 KB
25 KB 471ms
60ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/gsap.min.js

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/116351/4476205/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 822770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25169
last-modified: Thu, 22 Dec 2022 06:00:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a3f27f-6251"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLYMIFsg3p4lZV9894PJ9CywGJ6kA424PzxudLxeFFvE9FVFuSgLJSfGRYead16eAracmfTpWIKHXZpezTHZaH%2B3UTTSvmujhHSgI2MKQjj6zyne65AZq5Rm%2F%2Bj1dcAWtR8FD0hL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 832c78436f0317be-KIX
expires: Thu, 28 Nov 2024 10:12:26 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8EBA 2 KB
1 KB 120ms
120ms Script
text/javascript 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=58&ttfrms=5&brid=3&brver=120.0.6099.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTau%60ac_gggfe446dhcb6g%604f6_23hfd2aaf%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1633&ddur=54&uid=1702116746402855&jsCallback=dvCallback_1702116746402520&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115752&sid=18330&plc=4398657&crt=4476205&btreg=4398657&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=411A3965-2380-5A88-6BD0-73B804810D4A&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=57371119.49587859&ee_dp_sukv=57371119.49587859&dvp_tukv=42150637091.208885&ee_dp_tukv=42150637091.208885&dvp_tuid=1189584192059&jurtd=882737948
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: f5faea1024c86795a612ed5a267291cfd054591fe121c628d84bf0d392dfb14c

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:26 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/08/2023 10:12:26

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame BE22 6 KB
6 KB 37ms
37ms Image
image/png 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:26 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 137344570 137150713
Content-Type: image/png
Cache-Control: max-age=1092
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Sat, 09 Dec 2023 10:30:38 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame AA7A 431 KB
135 KB 37ms
36ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35168
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 00:26:18 GMT

GET
H2 200 video.php Show response
www.facebook.com/v3.2/plugins/ Frame 2F1A 168 KB
43 KB 437ms
437ms Document
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b66a5e96315503119dc4fd44a11a6a1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

bc6a7cccd1d8ec7f01ef81c8fb489ade144149c07835733e09a96f05968156b9

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 4xvXkLv2fi5cv5nwn6ovQHuuMVlIcY9eoDmYbcJb3m4wZVSIR2S7HvPNepFQ+YfBIOkhrDqVJlNIEylNhvfOaw==
x-xss-protection: 0

POST
H/1.1 200 lgc Show response
d9.flashtalking.com/ Frame BE22 118 B
774 B 47ms
47ms XHR
application/json 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: 23846770b8ff53f63032b140e025851dfec6d8d8a34ed8d95028e1bc2d001de0

Request headers

Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 09 Dec 2023 10:12:25 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
Content-Type: application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 118

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AA7A 169 KB
50 KB 396ms
396ms Fetch
text/plain 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4485176617027537&correlator=1332532773962848&eid=31077976%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g&abxe=1&dt=1702116746602&lmt=1702116746&adxs=640&adys=358&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=j4semdwxakz9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1347942568.1702116743&ga_sid=1702116747&ga_hid=859237531&ga_fc=true&dlt=1702116746304&idt=272&adks=1212019568&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d945801e7952a55b17845b358e2a3e71b99e8b18f4906b8ca09952f02c69e084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50868
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AA7A 16 KB
12 KB 418ms
108ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

dc4299da5227c68c3e4db4787dd3c9fe9c9c3d4a8b52d24e5b308488c4463404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12222
x-xss-protection: 0

GET
H2 200 container.html Show response
a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84B0 6 KB
3 KB 148ms
92ms Document
text/html 142.250.196.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:26 GMT
expires: Sun, 08 Dec 2024 10:12:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ Frame BE22 70 B
326 B 81ms
81ms Image
image/png 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?cnx=7ad1d3bf8cd090311e619d45bc56c512
Requested by: Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:25 GMT
Access-Control-Allow-Credentials: true
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
Connection: keep-alive
Content-Length: 70
Access-Control-Allow-Methods: GET,POST,SERVER
Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/4398657;4476205;0;401;411A3965-2380-5A88-6BD0-73B804810D4A/ Frame BE22 42 B
343 B 35ms
35ms Image
image/gif 2.18.148.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/4398657;4476205;0;401;411A3965-2380-5A88-6BD0-73B804810D4A/?ft_data=d9:e82ba69b84ad4e8d91cab7094094a90a;d9s:e82ba69b84ad4e8d91cab7094094a90a&cachebuster=875019588

Requested by

Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.148.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-148-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app12.tky11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:26 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app12.tky11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Sat, 09 Dec 2023 10:12:26 GMT

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.832/ Frame FB4C 0
503 B 527ms
527ms Document
text/html 143.204.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/prtct.php?val=c&geo=JP&timestamp=1702116747&level=1
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-97.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:12:27 GMT
server: nginx
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
x-amz-cf-id: lrAXWwvp9eMSrRIdgHmIE3pZYDrs0-_SaXTsKlB7pIOfe46N1uPv4Q==
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 538ms
99ms Script
text/javascript 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

sffe /

Resource Hash

68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Sat, 09 Dec 2023 10:12:27 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 917ms
362ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyN9ptjasOkqKH9jSPC4MTKpF5ORMjhTGXjjqFYOcW8Cd8pdtCS9d3r1BMugYMwbAgyFdt6gLz6wydZKNMI3pcvStsqHlStEMl4nDjt9bUpyD4yv7ZwpAYeC2qLawbizi7WsLvuOQHnwkm+8IjnjDGXpXIkGSIPmqogmBD3kErXaVdsKyxMcBAwV/1VP+m9mVD6nELsHX6hBJif7dUdTISVuVvN1PuDFdoyZT5OMUEpqwUD7HWbFMHAMqfWdCXeS5sg=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
server: nginx/1.6.2

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BE22 42 B
108 B 375ms
74ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqfIOvWF1MUKleDCUDfzvDAkI4R9VmGy78Eam1q32fr-Pup4gteKm9OUo5JYAvpYYkKD43z2gsB-yn_TYmhE4HE7cRHLI3FUKUz63awlmiHY023l4a8PdJ9vtiHFCGd1VF1dN_ZQIm4Q&sai=AMfl-YRlWwNd8rLdJVMmFao5aCmf2tKI4K3calXpJHz7EHsrsUkjmnQn-W2qINe4v7s_I90Rc-71XTne9VQxZQUgoWSquITccHRwqabHAUoYRXUMO0vuO_Hm2uUKYnL34-mo09aZCA3Htv6osPj1mExyhJz-9MBwHU3ak_g&sig=Cg0ArKJSzEeWsLaMk-dwEAE&cid=CAQSTgDICaaNoaYYCMFdm32nToTRhz-HEX_n3FUUm1xYJkpZBesY15O4mrWlUr_pfP0Cus1P1hhyB_u11Yb-6IuUEB56wuTov2BQ_tUOgY4RuhgB&id=lidar2&mcvt=1000&p=108,1030,358,1330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116744653&rpt=1240&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7F9 42 B
108 B 573ms
273ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvANGjoiIofVHxVvY7c9N2XVv_82g3JFndjzYKaH_hkL2LDf80p4buPZ11NuXldZm4CiNBUzxiipT2XLaAkG9V54h12eHklgfHwn3E9yeeBk-8vSF0xCTDf-K6aO8iIu6nof6WX6UvvPw&sai=AMfl-YSNexfDyD7a8sfdloshXSnkAKpjvIXE978epWDxcv_96fkX9wI&sig=Cg0ArKJSzFS9AF8FU6BHEAE&id=lidar2&mcvt=1000&p=378,799,478,1119&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116744684&rpt=1223&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK laptop_page1_300x250.png
cdn.flashtalking.com/116351/4476205/images/ Frame 875F 45 KB
45 KB 200ms
199ms Image
image/png 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/116351/4476205/images/laptop_page1_300x250.png
Requested by: Host: 124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
URL: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 635560ef12cd799356b3887f1577373a5c51418740bb71b1888c2811ea6da67e

Request headers

accept-language: ja-JP
Referer: https://cdn.flashtalking.com/116351/4476205/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:27 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 45920
Last-Modified: Thu, 28 Sep 2023 16:59:22 GMT
Server: Flashtalking (AKA)
ETag: W/"7ba74e429fb060f9a1c4a4e7430ba295"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=981
X-Varnish: 584760769
Accept-Ranges: bytes
Expires: Sat, 09 Dec 2023 10:28:48 GMT

GET
H2 200 Zb7qjlwFTG5.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame 2F1A 582 KB
141 KB 43ms
41ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3357e675ea4f190381d0d4969e3af833e76d64fd9f37881b2e3229a537e51b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3sc6f40IYvjADv8KUWs/Bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144004
reporting-endpoints
x-fb-debug: 2pR+DMesl549NdZ0nRpJF0mPO2oDZpCBNJkJygIH0oA7+7fTuoIa0xaC8ib5zXK3UEot8uidiePvHiEgOFSp0g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 03:59:46 GMT

GET
H2 200 Qfo55ay3XFG.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ Frame 2F1A 29 KB
7 KB 73ms
71ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iFoyUyk7Swig89SScjaqMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7084
reporting-endpoints
x-fb-debug: VnrTdUpKcFO+w02DM+04aKQEZVOfUTCfEPOyvsLcI4oKmruBvEpHis2u1n6hIcEXKswDqdLUAgdnrD9xHZ7wOA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 17:52:02 GMT

GET
H2 200 JS2LsxE-gw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 2F1A 354 KB
92 KB 56ms
54ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Veg+9swSo/ybchlTfP+avA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93749
reporting-endpoints
x-fb-debug: GILntJGFlzWPcAkfpFiCETadOEgFC7qAmnMiwNYjd8KEFZ+OV7kRr8nHL5UYo17PGD7yFZBQnrEzltxNivpk1A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:11:38 GMT

GET
H2 200 aQFKd1NFgFT.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/ Frame 2F1A 90 KB
25 KB 72ms
71ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QxtSbDtVvcAOcE+ucrAq9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25845
reporting-endpoints
x-fb-debug: jO+fU1bq/xhgAakf9t7cqzRgLJyx+caiicp92I5iDsizvQRZH5r00j8PcRmluIEd1/z6MboCMpdrp7T5a6+7Cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:30:20 GMT

GET
H2 200 R4PKY1p9APB.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yx/l/en_US/ Frame 2F1A 794 KB
193 KB 77ms
75ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yx/l/en_US/R4PKY1p9APB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d20cf80322259d9177611df3a6016556c8ee1c7b56376805c15d449c1785df0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ax+Eeqf6bOR1t+1T9zWUvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 197059
reporting-endpoints
x-fb-debug: +dGqmmqGh8PZqsnYGFZ3WNfmInmB0ZW72qnDALaJM88JLDnbucXR7z58b+sBpoJyk+m1Hv0ExJh9M1G13H6wVw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 23:46:38 GMT

GET
H2 200 Ec8EdxuCpfW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/ Frame 2F1A 199 KB
51 KB 73ms
72ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/Ec8EdxuCpfW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Lxn1hApUWOKiQ2EZomVAdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 51831
reporting-endpoints
x-fb-debug: UJkzDwMWPnFDYqheEr7XNPAznyyyvJ59c58Zk688LOx9QHZq+EqXVJspYCWHDEoEatXFZ7CwUYGQZDPX2jtdrA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:47:25 GMT

GET
H2 200 4r8pcxnOs4K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 2F1A 3 KB
1 KB 56ms
55ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/4r8pcxnOs4K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GBf95XiiHK2guhZn2p/rAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1277
reporting-endpoints
x-fb-debug: 6QG21lgkZ/mt0XOJQi7Nsq9PESmwZUFpDgeN1PsqkGyDIi/+Am1NptsqK158G4UBvDdCc0HLgi5ZDlP7lvd/aA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:47:09 GMT

GET
H2 200 GzNi5UO10uL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 2F1A 395 KB
86 KB 76ms
75ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/GzNi5UO10uL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B82MgG1Xe8DJYm99WEr4Ww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87833
reporting-endpoints
x-fb-debug: e/v12MwpGcQe1wKAu6p/rCTUn0qx5AoPxcAkASB1H7w3urgDYIT45SCn5aX7x5W6UxFROpTGsvPJ3zBPtgNWmQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 20:12:59 GMT

GET
H2 200 w0yxjyrKD3l.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 2F1A 32 KB
10 KB 72ms
71ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/w0yxjyrKD3l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cg00sn1NB+8BxdHomp/EuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10464
reporting-endpoints
x-fb-debug: hd7w9p73ruvkvc7ASty/cTwGv+SFhAp+CEBg9oBswUKw8Cqn9xX1zui40ogPZov4V2STSqiIO/lNdo0y5x+wug==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:59:42 GMT

GET
H2 200 406760998_691248259446060_2093622973448237517_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t15.5256-10/ Frame 2F1A 33 KB
33 KB 165ms
165ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t15.5256-10/406760998_691248259446060_2093622973448237517_n.jpg?stp=dst-jpg_p280x280&_nc_cat=107&ccb=1-7&_nc_sid=869369&_nc_ohc=2PwPgeox4GYAX_0RxsY&_nc_ht=scontent-itm1-1.xx&edm=AOJO4v8EAAAA&oh=00_AfD4Gm5pfh4VXUV-LXRsMNFD-Fex7ijwRBtyR6Pwr9TnTQ&oe=65786554
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: f9ab2d0b1fd6ff343526a05199a2a3db6417076d5792d30f5ea83ccc29a936a3

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 09 Dec 2023 10:12:06 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=387098748
thrift_fmhk: GBCfaEVXR2m1m+Qi/i0kkGM3FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: tCSnbRjBCSo0NASVXsfuWdzAmg0XaH6K3Un3l7Rv_pl3XQ95yHlDGMYloM59Njk7uqvCalghzxfoEdVkfqLS4rmFJ3TSks_d2SIqxCvN7Lc
cross-origin-resource-policy: cross-origin
x-needle-checksum: 913173865
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 33424

GET
H2 200 369665612_266137682873346_5534008402912216860_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2F1A 2 KB
2 KB 37ms
37ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/369665612_266137682873346_5534008402912216860_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=MUoP-qGTyK8AX-MeNeA&_nc_oc=AQk9ms-zJqr3Lb7k-VJq5L7nhTapfhzJ23UZ-VxjEWiwUBMQQZNc697509tiOSfO0C8&_nc_ht=scontent-itm1-1.xx&edm=AOJO4v8EAAAA&oh=00_AfCtJuGdVDZZ0hp8I4cQBsRg5JhGdzFd6sQ3cOYNACpRdQ&oe=657982AF
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 197cf9f704785e690d950b4cb570004989336fa75540d555aef7e396db1f2861

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 22 Aug 2023 09:35:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4066451735
thrift_fmhk: GBCX03v1adikMyRciVIllcr/FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 37949127
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2180

GET
H2 200 container.html Show response
a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4817 6 KB
3 KB 45ms
45ms Document
text/html 142.250.196.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:26 GMT
expires: Sun, 08 Dec 2024 10:12:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AA7A 17 KB
6 KB 84ms
84ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:12:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4817 956 B
560 B 72ms
71ms Stylesheet
text/css 142.251.42.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%83%E5%B8%82%E3%81%97%E3%82%A6%EF%BC%A6%E5%BA%83%E3%83%BC%E3%83%86%E7%BE%8E%E3%82%A2%E2%88%92%E3%83%8D%E5%AE%893%EF%BC%98%E9%A1%9E%E6%B3%A8%E6%96%87%E3%83%94%E6%99%82%E3%81%8F%E6%9C%A8%EF%BC%930%E3%81%84%E7%9B%AE%EF%BC%97%E9%9D%924%E5%B3%B6%E3%83%93%E3%82%AF%EF%BC%92%E3%83%88%E3%82%B6%E3%82%A4%E3%82%92%E5%8D%97%E3%83%B31%E3%83%8F%E4%B8%81%E5%91%B3%E5%8C%BA%EF%BD%9E%E5%BA%975%EF%BC%91%E5%85%A8%E4%BD%90%E5%AE%85%E3%83%AB%E9%85%8D%E5%88%862%E7%A8%AE%20%E5%8F%A4%E9%96%8B

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f10.1e100.net

Software

ESF /

Resource Hash

9c3ce0e066c2c84dfd177abe6cf6829c5d79e49d2a2b87a9a54d5b135d0ba250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 10:12:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 10:12:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4817 2 KB
903 B 32ms
31ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:50:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4817 24 KB
9 KB 48ms
47ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:47:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4817 3 KB
1 KB 50ms
50ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D673 1 KB
758 B 31ms
30ms Document
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

age: 43108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 22:13:59 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 22:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4817 20 KB
8 KB 44ms
44ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 4817 225 B
330 B 48ms
48ms Image
image/png 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:43:33 GMT
x-content-type-options: nosniff
server: cafe
age: 66534
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Sat, 09 Dec 2023 15:43:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4817 202 KB
64 KB 124ms
123ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 10:12:27 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4817 37 KB
16 KB 518ms
63ms Script
text/javascript 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:41:17 GMT

GET
H2 200 12447727561747222138
tpc.googlesyndication.com/simgad/ Frame 4817 5 KB
5 KB 46ms
46ms Image
image/jpeg 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12447727561747222138?w=100&h=100&tw=1&q=75

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

4489927739ffb15478a62047e3edcdbb21f2597bed149f2a043d60c20f5e7f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:49:58 GMT
x-content-type-options: nosniff
age: 152549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4622
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 13:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 15:49:58 GMT

GET
DATA 200
OK truncated
/ Frame 4817 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4817 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK laptop_page2_300x250.png
cdn.flashtalking.com/116351/4476205/images/ Frame 875F 75 KB
75 KB 57ms
56ms Image
image/png 23.195.84.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/116351/4476205/images/laptop_page2_300x250.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.84.51 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-84-51.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ec649d9aee9a45fe44f47bfaf613e3fd53bd0bcab67f970407f2e5f638aa2058

Request headers

accept-language: ja-JP
Referer: https://cdn.flashtalking.com/116351/4476205/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:27 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 76407
Last-Modified: Thu, 28 Sep 2023 16:59:22 GMT
Server: Flashtalking (AKA)
ETag: W/"4e47c42c3fff6648092246f00413aab7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=981
X-Varnish: 711418424 640314560
Accept-Ranges: bytes
Expires: Sat, 09 Dec 2023 10:28:48 GMT

GET
H2 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2F1A 4 KB
4 KB 32ms
31ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
reporting-endpoints
x-fb-debug: zHMyKqcSy28Sp2xthRGD/Y/Yg21tSeJagAbem8To+GuOalz2HymvgnPqj6c57Usz/yo0MA9L9cZbSkZJgzz3qA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:18:11 GMT

GET
H2 200 369665612_266137682873346_5534008402912216860_n.jpg
scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2F1A 1 KB
2 KB 34ms
33ms Image
image/jpeg 157.240.209.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-itm1-1.xx.fbcdn.net/v/t39.30808-1/369665612_266137682873346_5534008402912216860_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=MUoP-qGTyK8AX-MeNeA&_nc_oc=AQk9ms-zJqr3Lb7k-VJq5L7nhTapfhzJ23UZ-VxjEWiwUBMQQZNc697509tiOSfO0C8&_nc_ht=scontent-itm1-1.xx&edm=AOJO4v8EAAAA&oh=00_AfAYhMINawYEyLSNcxVIhKS49FFAl-cytWWULigDtPNxhw&oe=657982AF
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: c101c172df6fd1ea057115ceb1933d418cd7c0ef00d6932ad3383f478777825f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 22 Aug 2023 09:35:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=60813200
thrift_fmhk: GBCX03v1adikMyRciVIllcr/FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 37949127
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1523

GET
H2 200 3_USCBHvE2b.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 2F1A 23 KB
8 KB 121ms
120ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: H4RWJCeXQm3W0cqxGvzvfQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7662
reporting-endpoints
x-fb-debug: cwwi5ONWIWCDLJqX14k71VzTSdP0J+GFWf1b2HB+hCJ1LFlWSOfPJ+ZsXqNhiKOE+ski2lkPS2VJC9Vk0KVVng==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 02:42:10 GMT

GET
H2 200 TDpNj7olbQz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/ Frame 2F1A 724 KB
158 KB 122ms
121ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/TDpNj7olbQz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MeMa4i99MCmxCrMgT75kUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 161882
reporting-endpoints
x-fb-debug: 6SEACzL07iLFeMRPZOjp1+1LSsDqcACal+lmv2JLLBDvv5PwBV7cIRd+1zbXQFbmKpuPDSGxqh+ul03q8Z+R+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:08:02 GMT

GET
H2 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 2F1A 2 KB
1 KB 50ms
49ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 18:22:49 GMT

GET
H2 200 mTbMxtm1CtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/ Frame 2F1A 18 KB
6 KB 122ms
122ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/mTbMxtm1CtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JrZuwm1IGLe7IQAoNDgKDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6379
reporting-endpoints
x-fb-debug: RwC9bbMgxx1+BpkElfmyRjUqh4FUYuq7WljQwcKREAtlyglHZabSr0JPMyZwBF5MoVQsBJQmCtaPJTS1IiLoPQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 21:12:59 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 2F1A 55 KB
15 KB 51ms
51ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 19:20:18 GMT

GET
H2 200 14huexud5ZL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2F1A 349 KB
68 KB 263ms
263ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Mrpr55hdtBvcwKZxKOzblg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 69594
reporting-endpoints
x-fb-debug: Wcr9FDXKWcc35s9z3eKPaDyt1uJX9/8uUZbLaR7unZXt/w4dGL9JVp9XvWKn/d+T85Xo/2hVzFFBcSeMSSUlgA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 00:49:00 GMT

GET
H2 200 Xa-kykSxUdE.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame 2F1A 32 KB
7 KB 121ms
120ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YWU4cGhOfIeDPjaHviTsqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6714
reporting-endpoints
x-fb-debug: E6dyPlfHDrsBdfVDyPBxkOA45wI/NzlFNnopUtHHShShqcSgtQMrrC3fC5uGVZoxk/eoqAklaWEEalhc1OVBKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 17:52:03 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D673 35 B
464 B 803ms
184ms Image
image/gif 103.229.10.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMMi5xB3Ht0EsssCUrNXVyg&google_cver=1&google_push=AXcoOmSIXFVCimyZnV5NLwES85G6r-fGE9jZqkJnOPGM1AaApXdNgigKwgQv1zxDwxbXDpODPVq7UeC6AMpYlAOhWruk0pWbGECeHg

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D673
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHUbXWEcdQYqE_mDsNaFrJI&google_cver=1&google_push=AXcoOmTOcazGBxviS72fvwa4muCt3G6YhGattD5eI91qeLwLd1nWOw2F2X6qmvJXjVvxHRTP7J1RjY3R6F_I5wQpgGG_2rtoTNXI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DA1FA6630AC4537ACAE3051E7A22EF4&google_push=AXcoOmTOcazGBxviS72fvwa4muCt3G6YhGattD5eI91qeLwLd1nWOw2F2X6qmvJXjVvxHRTP7J1RjY3R6F_I5wQ...

170 B
188 B

86ms
86ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DA1FA6630AC4537ACAE3051E7A22EF4&google_push=AXcoOmTOcazGBxviS72fvwa4muCt3G6YhGattD5eI91qeLwLd1nWOw2F2X6qmvJXjVvxHRTP7J1RjY3R6F_I5wQpgGG_2rtoTNXI

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:12:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DA1FA6630AC4537ACAE3051E7A22EF4&google_push=AXcoOmTOcazGBxviS72fvwa4muCt3G6YhGattD5eI91qeLwLd1nWOw2F2X6qmvJXjVvxHRTP7J1RjY3R6F_I5wQpgGG_2rtoTNXI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 08 Dec 2023 10:12:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D673
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEd6u2XYitXjgS8vQb2gvGA&google_cver=1&google_push=AXcoOmR68v5D0Q1KE2MoQjOgAwXIGaqLwfeqpCndi5qg6pma7vkUaC1ctmw5KFQyuLOQ7JNxP4kmRMk7er2G8lyHFI...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBlYWMyZTYtZTYzNy00MDJjLTg1N2QtMzBkZTRjYWYzNzFm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20eac2e6-e637-402c-857d-30de4caf371f

170 B
188 B

283ms
283ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBlYWMyZTYtZTYzNy00MDJjLTg1N2QtMzBkZTRjYWYzNzFm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20eac2e6-e637-402c-857d-30de4caf371f

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBlYWMyZTYtZTYzNy00MDJjLTg1N2QtMzBkZTRjYWYzNzFm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20eac2e6-e637-402c-857d-30de4caf371f
date: Sat, 09 Dec 2023 10:12:27 GMT
server: Kestrel
content-length: 423

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame D673
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1&google_push=AXcoOmSf-tAwf3E2uP9QBVglX9d98d-rrbBSdjAh5NLbpdh3JA7ZsW5sfabljdulu8VON...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlhROWk4Q281c0FBQU4tcFpjZ0FBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1

43 B
977 B

334ms
58ms

Image
image/gif

124.146.215.2
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1
Requested by: Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: HTTP/1.1
Server: 124.146.215.2 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:27 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"126.85.215.126","key":"ZXQ9i8Co5sAAAN-pZcgAAAAA","privacy_sensitive":false,"uid":"ZXQ9i8Co5sAAAN-pZcgAAAAA","upstream_id":"a-ad40088"}
X-SO-Key: ZXQ9i8Co5sAAAN-pZcgAAAAA
X-SO-Upstream-ID: a-ad40088
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40088.dc2p.scaleout.jp
X-SO-UID: ZXQ9i8Co5sAAAN-pZcgAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 126.85.215.126
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: m-ng38.dc4p.scaleout.jp

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOMojaUQPJlNX4plumC67LE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D673
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMUNcPKcPE-KnML9J2YPFos&google_cver=1&google_push=AXcoOmRcPByMVGIZOQe3b9RSfTovfaqFEn4uO7sGZ9UKKxFTwHN-s-PQFP3hudv-l7JzSdGv70P1W5KuqXon-w5GXIPYrkA...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcPByMVGIZOQe3b9RSfTovfaqFEn4uO7sGZ9UKKxFTwHN-s-PQFP3hudv-l7JzSdGv70P1W5KuqXon-w5GXIPYrkAEXajpyQ&google_hm=eS1hRXB2TGtWRTJwRUp1...

170 B
188 B

95ms
94ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcPByMVGIZOQe3b9RSfTovfaqFEn4uO7sGZ9UKKxFTwHN-s-PQFP3hudv-l7JzSdGv70P1W5KuqXon-w5GXIPYrkAEXajpyQ&google_hm=eS1hRXB2TGtWRTJwRUp1amgwZmh5RWhReGlibS4yb0dJQn5B

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 10:12:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcPByMVGIZOQe3b9RSfTovfaqFEn4uO7sGZ9UKKxFTwHN-s-PQFP3hudv-l7JzSdGv70P1W5KuqXon-w5GXIPYrkAEXajpyQ&google_hm=eS1hRXB2TGtWRTJwRUp1amgwZmh5RWhReGlibS4yb0dJQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D673
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFU-e7fsQcEkT3z4X_yCLyA&google_cver=1&google_push=AXcoOmTkEIXfL9LScv91tqaXk5Y4vwD4QaP3v3loZnHxCiKrlzQtPnIkqsaUsQTHosvSZ-bR375...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0NFItMjEtNlRTWQ==&google_push=AXcoOmTkEIXfL9LScv91tqaXk5Y4vwD4QaP3v3loZnHxCiKrlzQtPnIkqsaUsQTHosvSZ-bR375WvXSO3dS3wrFLoG4JPIwwkacAAA

170 B
188 B

76ms
75ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0NFItMjEtNlRTWQ==&google_push=AXcoOmTkEIXfL9LScv91tqaXk5Y4vwD4QaP3v3loZnHxCiKrlzQtPnIkqsaUsQTHosvSZ-bR375WvXSO3dS3wrFLoG4JPIwwkacAAA

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0NFItMjEtNlRTWQ==&google_push=AXcoOmTkEIXfL9LScv91tqaXk5Y4vwD4QaP3v3loZnHxCiKrlzQtPnIkqsaUsQTHosvSZ-bR375WvXSO3dS3wrFLoG4JPIwwkacAAA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D673
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELJHB5KfCYelWIAvWwxGOwY&google_cver=1&google_push=AXcoOmROYDv2tk8LbiDzAMSJeLfnk0YYa2DAhUCf1rnRbb1KqNzN7h3Ws2IH2AMQJ9CGm38dnV5HkDWcJHSN5Taf5...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmROYDv2tk8LbiDzAMSJeLfnk0YYa2DAhUCf1rnRbb1KqNzN7h3Ws2IH2AMQJ9CGm38dnV5HkDWcJHSN5Taf5mYmu_UHc9iMsQ&google_hm=AexUNF0XHE1uoSV_Rh...

170 B
188 B

223ms
223ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmROYDv2tk8LbiDzAMSJeLfnk0YYa2DAhUCf1rnRbb1KqNzN7h3Ws2IH2AMQJ9CGm38dnV5HkDWcJHSN5Taf5mYmu_UHc9iMsQ&google_hm=AexUNF0XHE1uoSV_RhTRrIM

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmROYDv2tk8LbiDzAMSJeLfnk0YYa2DAhUCf1rnRbb1KqNzN7h3Ws2IH2AMQJ9CGm38dnV5HkDWcJHSN5Taf5mYmu_UHc9iMsQ&google_hm=AexUNF0XHE1uoSV_RhTRrIM
Date: Sat, 09 Dec 2023 10:12:27 GMT
Server: Apache
Connection: keep-alive
Content-Length: 233
Content-Type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D673 0
12 B 121ms
120ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJdZKSkQR68q_9ldZ9f6srip0iUUU0a01f__qyITFfrNgDjxobuCeOFEAn-Q7Gxy-bkr-N

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7833 13 KB
5 KB 116ms
116ms Document
text/html 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 20498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 04:30:49 GMT
expires: Sun, 08 Dec 2024 04:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 00C9 829 B
994 B 115ms
114ms Document
text/html 172.217.161.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f4.1e100.net

Software

GSE /

Resource Hash

213ec59066bfee133bfeb4f11eddf942a45a2b1db99b39080db95cccd748758b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ymtScC-M673eGoIeiSNdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2ymtScC-M673eGoIeiSNdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:27 GMT
expires: Sat, 09 Dec 2023 10:12:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 4817 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87e023f31508fd57d288b971a0680fa1f7ef9cb83a9629549e1dccd2a887bdae

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame D8A5 0
152 B 66ms
65ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=14210:107138:202675:6d6ab656b51ebe4643d7966a10f26a77:23000&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D165
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

171ms
72ms

Document
text/html

23.195.85.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.85.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-85-83.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Dec 2023 10:12:27 GMT
ETag: "20525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 09 Dec 2023 10:12:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
494 B 838ms
129ms Image
image/gif 139.99.63.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.99.63.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: ads15-sgp.stickyadstv.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:28 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1702116748121082-39

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=7bcb19aa43bddf05bc0bad6ad541f82&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

806ms
396ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7bcb19aa43bddf05bc0bad6ad541f82&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3RCTY3W5NWJ6GANCS7GN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=7bcb19aa43bddf05bc0bad6ad541f82&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1702116748209083-39

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bridge3.608.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7A96 750 KB
240 KB 95ms
94ms Document
text/html 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

sffe /

Resource Hash

5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 128174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245949
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 22:36:13 GMT
expires: Fri, 06 Dec 2024 22:36:13 GMT
last-modified: Wed, 06 Dec 2023 01:36:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 92ms
91ms Script
text/javascript 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 10:12:27 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 47A1 40 KB
14 KB 86ms
86ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:28:25 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.832/ 190 KB
14 KB 488ms
488ms XHR
text/xml 143.204.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/v.php?st=EiluCBE_jJCILKAMoW9d4A&e=1702203145&ver=5.832&adid=085de707c51c92d2b517f3f492efdb5f599cb178&videoUrl=https://vid1250.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=https%253A%252F%252Freurl.cc%252FgaOWLp&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=reurl.cc&wid=7942&suid=1250&env_browser=Chrome%20120.0.6099
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-97.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e0f6ce75276e2b0748f724ca3195770fe2356217e4fa6dbbf933d68bf404c89c

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
content-encoding: gzip
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: g1Hyjnqn8zMgNDyO3kIgRP8xy9vKgRuWKRYtATnJsz69Ztltr1IVnQ==

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 219ms
219ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyNEBuCk5Yye2F2RcUPNfzydF5ORMjhTGXjjqFYOcW8Cd8pdtCS9d3r1BMugYMwbAgyFdt6gLz6wydZKNMI3pcvStsqHlStEMl4nDjt9bUpyD0jotVgY37AkQlqT4THHqgbd2+mANshl7CejErH0V/I5wG5M/fDwYGSq4ssup0Y8TH0wcoXjOpdJe1AvFvpo2FE/OdRTAcGpdRMvTzNcDOfTA8fX5nWOZw8Xo53Xfao6xDmT81iVHua2bwCEeCPbNWIMDqi1XhYt8qzxvmWzUl12&cb=30352508
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
server: nginx/1.6.2

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 00C9 0
0 144ms
144ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4485176617027537&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7833 39 KB
15 KB 92ms
92ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 23:57:31 GMT

GET
H2 200 326118906875223.mpd Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/ Frame 2F1A 11 KB
2 KB 634ms
194ms Fetch
application/dash+xml 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCaR52a6aOuR_H2M2MmSz8B0DykrP14k_w9QGp3pRgZfw&oe=6575DF9E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 813fcb9f341d0530a108631da8ca21e551be94e6f604c89a3b2ff66d84fabe99

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702116747
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 5845837
alt-svc: h3=":443"; ma=86400
content-length: 1586
x-fb-origin-hit: 1
etag: bc39d6f14fbafa6145930c44be9ffe80
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: u-bigCgXQmm9pPkZmXQ68abNpJAIiojrXbgRe3IwYaMcaDOnbhU_R78eAA2OQp0ZOFgtH9o7kR6HGlZNrHhEGXEzDD0nIu1wkWHMOHHMEfk
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ag-Kz-WMvnK.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2F1A 330 B
522 B 88ms
87ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ag-Kz-WMvnK.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
content-md5: eAFd0hA109+Saq2CKxwDiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 330
reporting-endpoints
x-fb-debug: GxdUAOfEy1PfUoL3RuOqDa774LyuOTBOSQYHb51/huBvPiAU77dukEIPpHkj4o0h9Ca5DSchEsRr/xS/8+N5iA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:36:55 GMT

GET
H2 200 gDitvOzbw6T.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 2F1A 8 KB
8 KB 143ms
143ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/gDitvOzbw6T.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
content-md5: Mgl5lSWRJJAq6dF2coyXXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8119
reporting-endpoints
x-fb-debug: MiIESDksxEr+EA7iBRCrq/vskl5LHcxydYy+fLuLeFgpDZPpD6VSdxFJZ4TDgThhqv+LDxxmgAx89YAuVyYFQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:33:16 GMT

GET
H2 200 SWhawEjeLCn.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 2F1A 3 KB
3 KB 144ms
143ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/SWhawEjeLCn.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
content-md5: /zrKWNzqQF1I3EnT4Zj6CQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3327
reporting-endpoints
x-fb-debug: IBZXp7Jc9znas/NjePHIOpq60lAf8MqJ/ybFtD4q5qQoAcForrP6orMMJSMdfiv4rjFpJ8c5T6hGBSsQqxtGog==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 24 Nov 2024 18:08:46 GMT

POST
H2 200 / Show response
www.facebook.com/video/unified_cvc/ Frame 2F1A 267 B
368 B 232ms
232ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

1ed305d6ed11e1086007c3f3ccd2081f0122aa6d3dd61d41a00b5cab9d401328

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: xV99JPalZAff-GsRUwQucV
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: KUVtc/d66ayR9GAAdU+NbNA/c2EoQvPGdq6KE0mNte16gTowCBYIp4T1t28MJVHAgf1c52hYjSqa5QMudp//+Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 72ms
72ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C3-8lij10ZaaNKeKY29gPmemrmASSgKzadJn4yvWzEWQQASDSzIEaYImL24TIFKAByIadpAPIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsQJP0JhNPqAqGbKcKQMkoiluLNaVBIrchoSeJ73XB1rEV24Ql7GTehAWtvNV63GtTVho-o7fp7V4MQtD5zf-MpnuZ29wTm-SS1X2B7lqjQKrHlp7UhdfVopLyZgk3x9Z4zasrx-Q91O9fLQt2GzfUXh8f_Fu7FeoY-YwX20tousZP9PDSwANdWSTyEPJyhd1s-E-MKXPaQquL-dzY_ua4MY9Sh_5stcle_UQ9S9qfmZY7LGMXPM5QzeSR7aSs-Rah5n9GR8-XT4B6gzFFGs7re4J_VMnL_Jz9P0erUf2eLLqUAerh5TuHYKs1GJbVcn43dzCmSRBDo6XQIC6atuIa1IPcIMUjjEX6Z9c4SFY7gd5QT0uaV3BD6OD_QNRm10L0kSS1Fub4ha2Bm8jxk-Z4rDGmMAEidH5kqYE4AQBiAXL_cuHS5IFBAgEGAGSBQQIBRgEoAYugAeg-eJbqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQn4AD0ggdCIBhEAEYHTICigI6AoBASL39wTpYmrqzgI-CgwOaCSxodHRwczovL3d3dy5waXp6YWh1dC5qcC90b3BpYy9odXRkYXkvdGFrZW91dIAKA8gLAZgMrN_KhrIEogwQKg4KDOS0sQLutbECtbixAtoMEQoLEPDardnljpXotQESAgED4g0TCJPns4CPgoMDFWLMFgUdmfQKQ7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=XMvwHYMnDrY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNH_BVnxl2p8wuMQg6D4I4Y11XVH414WEAmsuPrYiAgCqO3I0tMDtUU-OfUrUnZcdl343blHvYGAE&template_id=515&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4817
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C3-8lij10ZaaNKeKY29gPmemrmASSgKzadJn4yvWzEWQQASDSzIEaYImL24TIFKAByIadpAPIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsQJP0JhNPqAqGbKcKQMkoiluLNaVBIrchoSe...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7dc10bcfbf397ce10000000000000000%22,%222%22:%220x9465210d30641e000000000000000000%22,%223%22:%220xc363cc...

0
0

196ms
95ms

Fetch
text/css

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7dc10bcfbf397ce10000000000000000%22,%222%22:%220x9465210d30641e000000000000000000%22,%223%22:%220xc363cca6bce1a80e0000000000000000%22,%224%22:%220xb04470f6d2b814b50000000000000000%22,%225%22:%220xfd72e5f09eeed1e80000000000000000%22},%22debug_key%22:%2217755392585254900515%22,%22debug_reporting%22:true,%22destination%22:%22https://pizzahut.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22881279816%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22582647946980985857%22}&andc=true

Requested by

Host: a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
URL: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7dc10bcfbf397ce10000000000000000","2":"0x9465210d30641e000000000000000000","3":"0xc363cca6bce1a80e0000000000000000","4":"0xb04470f6d2b814b50000000000000000","5":"0xfd72e5f09eeed1e80000000000000000"},"debug_key":"17755392585254900515","debug_reporting":true,"destination":"https://pizzahut.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["881279816"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"582647946980985857"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 10:12:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7dc10bcfbf397ce10000000000000000","2":"0x9465210d30641e000000000000000000","3":"0xc363cca6bce1a80e0000000000000000","4":"0xb04470f6d2b814b50000000000000000","5":"0xfd72e5f09eeed1e80000000000000000"},"debug_key":"17755392585254900515","debug_reporting":true,"destination":"https://pizzahut.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["881279816"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"582647946980985857"}&andc=true
access-control-allow-origin: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ Frame 4817 25 KB
26 KB 135ms
135ms Font
font/woff2 142.250.207.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrN03dVttgmIOyCRwkRVzDcOU904C6FxDCuocTz3v6tf-LDRVuPjR2FPPmIiH-L1zwgzPtLLEhROQckmaNx_8PAbPRAvtMYwlCs0hcEwZgexn2tgoxpn_5k--4JYlEzMYkfpYou5-mRPiJHpgsnUUQBhJhkls4tPIysrqELdPv-SIt2v_UJmxkPKBZAH1v5kAwmpqMlmuqM7QLi-MeMPAi7GgEpfgj51UxHaaPjCz_XTPOLIhPRxzKmkudljSxXJQlEhhb4SPxv3FM&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%83%E5%B8%82%E3%81%97%E3%82%A6%EF%BC%A6%E5%BA%83%E3%83%BC%E3%83%86%E7%BE%8E%E3%82%A2%E2%88%92%E3%83%8D%E5%AE%893%EF%BC%98%E9%A1%9E%E6%B3%A8%E6%96%87%E3%83%94%E6%99%82%E3%81%8F%E6%9C%A8%EF%BC%930%E3%81%84%E7%9B%AE%EF%BC%97%E9%9D%924%E5%B3%B6%E3%83%93%E3%82%AF%EF%BC%92%E3%83%88%E3%82%B6%E3%82%A4%E3%82%92%E5%8D%97%E3%83%B31%E3%83%8F%E4%B8%81%E5%91%B3%E5%8C%BA%EF%BD%9E%E5%BA%975%EF%BC%91%E5%85%A8%E4%BD%90%E5%AE%85%E3%83%AB%E9%85%8D%E5%88%862%E7%A8%AE%20%E5%8F%A4%E9%96%8B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f3.1e100.net

Software

ESF /

Resource Hash

21d6c5b259b6c56b1a101da5da1d432618f60e38d7eb3d0c9b884a30e0f20e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26028
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:12:27 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 7833 0
41 B 74ms
74ms Image
text/plain 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kW5w1Q
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 178ms
74ms Preflight
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 10:12:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 220ms
220ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyOgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9A+3lvufnuzPrgtacu65TmgoBK+gssjT1GYMgMwpFtpXeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mCkOE5BnAs42POGAyW6MitTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YG23K/bBcrK0Sx7fxwrxMYwWkv9dLqfckNS24XYsUW3/bCssTHAQMFf9VT/pvZlQ+AOouGsM95za/c6mIaF/Mo8UQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9groR7DxHNthtHOev6mBy+mA==&cb=93765348
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 419ms
419ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyOsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9A+3lvufnuzPrgtacu65TmgoBK+gssjT1GYMgMwpFtpXeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mCkOE5BnAs42POGAyW6MitTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YG23K/bBcrK0Sx7fxwrxMYwWkv9dLqfckNS24XYsUW38Xcdk6y0N82/UdCjNBh5fF1cAseAzVY0N2nSRaRaVYvMUQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9groR7DxHNthtHOev6mBy+mA==&cb=79490666
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
server: nginx/1.6.2

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D165 46 KB
13 KB 42ms
42ms Script
text/html 23.195.85.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.85.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-85-83.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 32d3abe0a42c7f746e925a02b58d39496c8b01c27bdc90ef251893e7133751e3

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 10:12:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Dec 2023 00:36:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51843
Connection: keep-alive
Content-Length: 13231
Expires: Sun, 10 Dec 2023 00:36:30 GMT

GET
H2 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C66 50 KB
19 KB 37ms
37ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 12:15:33 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE22 0
56 B 73ms
73ms Ping
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3093409100084&version=m202309260101&ct=77&x=1&cor=17705448152181406000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7A96 8 KB
1 KB 1515ms
1456ms XHR
text/xml 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVBTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1913813375585865&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702116742242&idt=5654&dt=1702116747970&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g&scor=332171821690461&ged=ve4_td6_tt0_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb24f57613be6ca6e4ea4d0a0d046ea864d94ae7b6f77a2cc3c45b940d2076d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 932
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D165 7 B
776 B 593ms
163ms XHR
application/json 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
Expires: 0

GET
H2 200 326118906875223_0-init.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-lp-qd-v/ Frame 2F1A 657 B
1 KB 30ms
29ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-lp-qd-v/326118906875223_0-init.m4v?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 91524c70ede9562d1bd8976201f4f2fd6b24d2c4844f4f7d0d862e1c5a685f81

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 657
x-fb-origin-hit: 1
etag: dafa03c4322ee93b9877156294613134
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:4457

GET
H2 200 326118906875223_0-init.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-lp-pst-a/ Frame 2F1A 596 B
703 B 38ms
38ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-lp-pst-a/326118906875223_0-init.m4a?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: b429486bdd6630fb3fdfa332e7919855881da3a3b2a51d62eaa1ced0862bfb5b

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 596
x-fb-origin-hit: 1
etag: 52c1f97c21907e522dbb150d78184338
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:4456

GET
H2 200 326118906875223_0-2790.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 32 KB
32 KB 62ms
62ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2790.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 1bcbcd0462c2709611deeeaa97bae378a3e951a6135e98b1c5e41d6661c574a9

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 32993
x-fb-first-keyframe-offset: 475
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:9482

GET
H2 200 326118906875223_0-2790.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
18 KB 38ms
38ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2790.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: e020872e332c740930142fd3f09564f8917bd62257445d61eb46ed974d961f2d

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18123
x-fb-first-keyframe-offset: 160
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:8936

GET
H2 200 hEMKKmOYzQt.js Show response
static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/ Frame 2F1A 278 KB
62 KB 55ms
53ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/hEMKKmOYzQt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: l/edax+DGCft42NvWht7yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 63759
reporting-endpoints
x-fb-debug: 1JSPOzEfuiWqeFW4JVIbYhFwz00DostQU8tPQhNoF/MkTmLMlBfyqK1+CQxPbtm/X9WpO6I38x3TD14sWdxm+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 21:31:42 GMT

GET
H2 200 n_-qBIIk9pY.js Show response
static.xx.fbcdn.net/rsrc.php/v3i3qK4/y9/l/en_US/ Frame 2F1A 3 MB
535 KB 69ms
68ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i3qK4/y9/l/en_US/n_-qBIIk9pY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

373cff4a5be14637fbe35895c47e016b43fe37c32a6d704cd59da533185c6bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u25TYieIphl1mCe9Uae9hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 547393
reporting-endpoints
x-fb-debug: BReTTsl+eqCRJx94C/VX4YeiIOTXhxok3qbr9flYfhaF9fqQ/3JQ6VieYjuwiWj1LACwln44i5tCRSWFq3qy3w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 02:15:41 GMT

GET
H2 200 gnVnXHSGQH6.js Show response
static.xx.fbcdn.net/rsrc.php/v3inoo4/yD/l/en_US/ Frame 2F1A 336 KB
79 KB 55ms
53ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3inoo4/yD/l/en_US/gnVnXHSGQH6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

68b6eb9c48e3b113a3d1872ef75032d9f7f9771d9d2617bf058d7bc2f5070831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RERFNWoDwhrE9psu3Nx99A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80800
reporting-endpoints
x-fb-debug: eblAStu4Jc2BOktRnSbtey9BXCAxpm0tgPOHyhjs/bwOUIVG900f2jQ1F+Qr2UZOPBX6hAV9oST3h+Jl8O1q8w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 21:02:50 GMT

GET
H2 200 Cf8jcTzOUp9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/ Frame 2F1A 26 KB
7 KB 53ms
52ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/Cf8jcTzOUp9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wu8OzYuRZpaUCFL3HzI4JQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6798
reporting-endpoints
x-fb-debug: hkgBEdla2Qlnx3zAkaqNCqIf0J0E8IJQ5qNhLOsFLQBbesjCPm5B/ysKUcJHu0mH9rrwYsZFonje49Jn6Ap5xw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 23:51:42 GMT

GET
H2 200 F4j9B2xJ1Ib.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 2F1A 4 KB
1 KB 306ms
305ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /gOrTztJymIBgB0hri867Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1208
reporting-endpoints
x-fb-debug: l6rBK5YqtAUDnSaG5JTjegirVvk8buCEbP2ZfC6O7IaOvqzQk/j52kr3Ncjmmr4kR4j9yNfE4t+imKRMrz1+cw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 03:49:49 GMT

GET
H2 200 9dN_FA4mMHO.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/ Frame 2F1A 7 KB
3 KB 306ms
305ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: m6Kjybcr8DtynOk5chZEYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2768
reporting-endpoints
x-fb-debug: VNzuYkKfMSHoOqnyAQMwRL+rk8NO8Mr4wzGtPblnntKYGWvyVZP0yT020Wa2CPkR1y/hSBAqylyOzLMVzFVYSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:28:16 GMT

GET
H2 200 LkMD_RZF8jy.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 2F1A 20 KB
5 KB 307ms
306ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/LkMD_RZF8jy.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

6871de12df8d1d3da3dff8d6370933ba3630a6e9ce19bf93eca651967a221c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rQ6y8Q+a67+IAU26MAyLYQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5322
reporting-endpoints
x-fb-debug: Lz8dI/kVLucHVtbPFhCMiW3qkkYVGTLn5VCAtSlonvN+suCFDTQhukzjiY+JzDThE2qXebx/miyjayiTmpDlCA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 17:52:03 GMT

GET
H2 200 RBd9zOUieH7.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame 2F1A 47 KB
10 KB 307ms
306ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/RBd9zOUieH7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QDW3Rfz0SFYiygPDvO4N+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10209
reporting-endpoints
x-fb-debug: CUZwAMgPJ9PHLYWMQ79rqh4M8phkoMs356PJ1ipP2jYoMbe/bLg9sIwXUgaq9dshRm+oAxhBpGez2pedgNyCUw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 20:11:07 GMT

GET
H2 200 / Show response
www.facebook.com/ajax/bootloader-endpoint/ Frame 2F1A 14 KB
3 KB 248ms
248ms XHR
text/javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__req=2&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010319003&__s=%3A%3Aquq237&__hsi=7310535758732424795&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__csr=&locale=en_US&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

769fb1d31db0642ea530fc81ba3edac191792a1e067a412b13b5ae7d4478d622

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 09 Dec 2023 10:12:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: Bh7PcxUY7p3oXBQlOw0K6Y7gfeJXKJClokEt+oZl5X/2IvuCwH4lhoVSG8Rq63w+2LW3P029f4lRHzreI3lJfw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/video/unified_cvc/ Frame 2F1A 267 B
345 B 289ms
288ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

0fb4363c3a3abf8e74c50d3978fab2b105b246ed9e84756ebdd0cbabd43fd742

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: xV99JPalZAff-GsRUwQucV
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: jMq+QzbgUFpaPylKA6/yVvSeyHFSbE44UOsgHQ2lfXK9cF0gNxWf6lP3gUnon4VPHSdV29eZHyNfoF6AYHPKOQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA7A 0
0 115ms
114ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=4485176617027537&bg=!-Pul-7TNAAY3kmNgF5I7ADQBe5WfOOIFqNr9mI0KLaIaB9fy7NONebItxR8EtJX0JAoKrMi-ID55FsI3MD6a3wq1XtNZAgAAAEZSAAAAA2gBB5kDJHxYiXYzo7pd5heZcncGyAAjlpGflk_CitES9MTTxP4xlq8o6bzv2irTn8bMOkcAym4sNrGKHRc0OqucSjMLJOzH7s-ijIEIiSiKJOpsLJXkTbvHHTwd2tkn_2ycuuM2xQIIemdWKIHTnzoypX5Rp8VbIYWadtnfVOkygNjHfBdDNNUoTFJynb03wOZipxdAYbMM3hJ7UAMHV3hU6TzZg01QP-EHhAp7bWOsrk6Inqd2cSExvmpjnuvK0q5En-FndIBYEV7zIm5um8zVrtN6WwT7PW9yySFH5CBToaKje3bjp_58NwTOA4wBiYToBWClGtU425fciUmOlZ0MjEkHrKBeg0D97oinOxqsuWiKjQRLu7KMjk_zqGHLz1Np3cS7D3H8RG13aoXH4Lvhk9pbrGmdjCdBlqLngAEQHs40MgnopQLpejioKBX6FdJnGjcDu0YxLDyky0mHwCGlcf-QCAFzjd_MpbnYRNIoKDxMccAOM-nBbBtzsr_WCnB6qVLk_yY65yBILw3fkkWHcIPL5pBErN8t-mQGY-11VK8KEaAJdqRfrdoqIux4I_dmF_Ho5oUtlTXmHsHHkb0cVs1zuQrDg6guWplZBhTPbaso6PBWIP8jTzQsTEtfn2C43_ZMI5tyO_D_0nwGknhxoUxr67ElU02d4nmRO84oJarbf8XaVFj8HTHx6jGjbiUmsA294SlBffkUVMBV79k8x6_POVK_lheUwUJlHKMvyGPmPJHKobuvlGUP6rE5zfo_TTWWJYBHcchbaspGoid_zkJfyTPm5mnnhepuickRahsfbDt8YMwcpTob1CyH9EedfPFyRbLFYm2FS3FaqE9FsPKW2S3e9BXhUfq2aYR-X7k5G1eUM3oZ8CWof0ADdyvJhgq6xJpiXohTDW2cuwSvIXv7xzQDL_Kelm7TPvB0uiAu2gSuknhVMtiBJgUFM06qpsL0u3eRGK7pjqXN7ddITbXFi5mHOPh5cXO7gvgdrVU210-lccnXkR8z4xf64mYDJ6zYeASt_jCsIhkbnn6hg2u3gHurkYJiCokmOSrWifP_fJN0gljSCw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 326118906875223_0-2791.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
19 KB 88ms
88ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2791.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 12718ad584b8d0f53398c1cabf7ad5219908cd9286eaf4f47e11128a98dba658

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18870
x-fb-first-keyframe-offset: 167
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:1065

GET
H2 200 326118906875223_0-2791.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 34 KB
34 KB 232ms
230ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2791.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 40f4b7485993353e029f85c2589e80079b7a815514598320bd688452185ccc32

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 34429
x-fb-first-keyframe-offset: 817
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:1602

POST
H2 200 bz Show response
www.facebook.com/ajax/ Frame 2F1A 0
132 B 202ms
202ms XHR
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310535758732424795&__req=4&__rev=1010319003&__s=%3A%3Aquq237&__sp=1&__user=0&dpr=1&jazoest=21938&locale=en_US&lsd=xV99JPalZAff-GsRUwQucV

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary38aA2YzbHspxTMeV

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: KgDFlor8AgH8w7IbO+aghxwXB8CvE3jwquXKS79dSScqGh7HfDROhakKkFrYDZkZnr6fKOAuyIoy87B++Jn7dw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

usersync.php
stg.truvidplayer.com/ Frame D165
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LPXWD4NE-1U-KWIN
https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPXWD4NE-1U-KWIN

0
464 B

202ms
201ms

Image
text/html

143.204.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPXWD4NE-1U-KWIN
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 143.204.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-97.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
content-encoding: gzip
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 5g1SusRxgdmBHcGKAcWh1NkcCMfcbYgSNf95dC2XG0ztmzAkWADZBg==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPXWD4NE-1U-KWIN
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

GET
H2 200 326118906875223_0-2792.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 34 KB
34 KB 35ms
35ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2792.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: c5132ab11e6b9743c546a27d0e42d2548b2c39992cf0e7f57802d700e79139a0

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 35046
x-fb-first-keyframe-offset: 165
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:3778

GET
H2

200

activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1
adservice.google.com/ddm/fls/z/dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/ Frame 8EBA
Redirect Chain

https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=...
https://ad.doubleclick.net/activity;dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;...
https://adservice.google.com/ddm/fls/z/dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=12953...

42 B
401 B

497ms
93ms

Image
image/gif

172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CK_rsIGPgoMDFbZzDwIdKasPWA;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_...
adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_2... Frame 8EBA
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_3...
https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5...
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5B...

42 B
107 B

499ms
95ms

Image
image/gif

172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CNSBsYGPgoMDFYNtDwIddUMIfw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115752;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0L5gppRlswe.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 2F1A 404 B
622 B 31ms
31ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/0L5gppRlswe.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 10:12:28 GMT
x-content-type-options: nosniff
content-md5: bDizLuK+pYt04fjxlQ20xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 404
reporting-endpoints
x-fb-debug: lI37fDBArD1cUUMQhIQUdGj+AOBonGqaVXidDfXlOlEzdvyiH86nlJhpOvGJq5O0DE0oU7qB+8yPYwYGl9nN3A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:33:24 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D165
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKJvh-T96Zcl0b9-jf2YkvA&google_cver=1

42 B
841 B

527ms
143ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKJvh-T96Zcl0b9-jf2YkvA&google_cver=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKJvh-T96Zcl0b9-jf2YkvA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D165
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/9YEyWYxRdxI6eBwRVcnTJcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kCTCdElE2oJAP97KqMTP6KM.LKXczyaBUxtZHg--~A

42 B
841 B

335ms
142ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kCTCdElE2oJAP97KqMTP6KM.LKXczyaBUxtZHg--~A
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 09 Dec 2023 10:12:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kCTCdElE2oJAP97KqMTP6KM.LKXczyaBUxtZHg--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D165
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=h2CFfWxwSRWZxriUAksGqw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=h2CFfWxwSRWZxriUAksGqw

43 B
720 B

216ms
216ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=h2CFfWxwSRWZxriUAksGqw

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T719EAZKQNGT1X2PJE1C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=h2CFfWxwSRWZxriUAksGqw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D165
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPXWD4NE-1U-KWIN

0
514 B

565ms
198ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPXWD4NE-1U-KWIN
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:28 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6BED53BBCD69412B9F7396A6A2B9D492 Ref B: OSA30EDGE0415 Ref C: 2023-12-09T10:12:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMEPA4UEAgewwxupP8DQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPXWD4NE-1U-KWIN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D165
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBYV0Q0TkUtMVUtS1dJTg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFU-e7fsQcEkT3z4X_yCLyA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0TkUtMVUtS1dJTg==&google_push=

170 B
188 B

72ms
72ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0TkUtMVUtS1dJTg==&google_push=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBYV0Q0TkUtMVUtS1dJTg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D165
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5auOixNiRtqrcPf5O92aQQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5auOixNiRtqrcPf5O92aQQ

43 B
479 B

293ms
293ms

Image
image/gif

67.220.228.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5auOixNiRtqrcPf5O92aQQ

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EY3X2A2Z7TW24YYNACHM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5auOixNiRtqrcPf5O92aQQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D165
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20eac2e6-e637-402c-857d-30de4caf371f&gdpr=0&gdpr_consent=&expires=30

42 B
841 B

417ms
144ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20eac2e6-e637-402c-857d-30de4caf371f&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20eac2e6-e637-402c-857d-30de4caf371f&gdpr=0&gdpr_consent=&expires=30
date: Sat, 09 Dec 2023 10:12:28 GMT
server: Kestrel
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D165
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2ZWJkNzdkZWZjNDRkYjQ2ZDAzNTUxMGUyNmJmYmZjM2IyNThhMA

170 B
188 B

73ms
73ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2ZWJkNzdkZWZjNDRkYjQ2ZDAzNTUxMGUyNmJmYmZjM2IyNThhMA

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2ZWJkNzdkZWZjNDRkYjQ2ZDAzNTUxMGUyNmJmYmZjM2IyNThhMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D165
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LPXWD4NE-1U-KWIN&ex=d-rubiconproject.com&status=ok

43 B
479 B

493ms
201ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LPXWD4NE-1U-KWIN&ex=d-rubiconproject.com&status=ok

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R4DCYFJXH8SW6M30J14C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LPXWD4NE-1U-KWIN&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D165
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB0A07K6HsAABPX7Xkm1g&expires=30

42 B
841 B

418ms
144ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB0A07K6HsAABPX7Xkm1g&expires=30
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB0A07K6HsAABPX7Xkm1g&expires=30
Date: Sat, 09 Dec 2023 10:12:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame D165
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPXWD4NE-1U-KWIN
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPXWD4NE-1U-KWIN
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPXWD4NE-1U-KWIN&ckls=true&ci=SLvU4qHrvJ&nc=false&trid=-1033850490

43 B
1 KB

359ms
212ms

Image
image/gif

18.65.185.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPXWD4NE-1U-KWIN&ckls=true&ci=SLvU4qHrvJ&nc=false&trid=-1033850490
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 18.65.185.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-99.nrt57.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:30 GMT
via: 1.1 1ec5c4b165968f8e5c872b374a497e8e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P2
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: _14RGne6By6kirndv3syYWgPDJaABOAQhJOckL07LneBmiLvdqASyg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:30 GMT
via: 1.1 1ec5c4b165968f8e5c872b374a497e8e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPXWD4NE-1U-KWIN&ckls=true&ci=SLvU4qHrvJ&nc=false&trid=-1033850490
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: gS5d_dTXoI6xcGAKgC65lH4Vso_ZK2SCen817v41p730VVupsj-zPQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
capi.connatix.com/us/ Frame D165
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LPXWD4NE-1U-KWIN&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LPXWD4NE-1U-KWIN&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

158ms
157ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LPXWD4NE-1U-KWIN&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 832c7855b83c8d1f-KIX
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LPXWD4NE-1U-KWIN&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 832c7854bec68d1f-KIX
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame D165
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LPXWD4NE-1U-KWIN

0
449 B

761ms
266ms

Image
text/plain

131.153.206.102
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LPXWD4NE-1U-KWIN
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 6
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LPXWD4NE-1U-KWIN
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D165
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3766f758-cd66-4777-9d13-f1781d8da9bb&expires=30

42 B
841 B

144ms
144ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3766f758-cd66-4777-9d13-f1781d8da9bb&expires=30
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3766f758-cd66-4777-9d13-f1781d8da9bb&expires=30
Date: Sat, 09 Dec 2023 10:12:30 GMT
Connection: keep-alive
X-CI-RTID: bcc23fe0-a01b-4c5d-bda7-e26a4fb59f5b
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync
hb.yahoo.net/ Frame D165
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPXWD4NE-1U-KWIN&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPXWD4NE-1U-KWIN&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1jRFRFOFFwRTJ1R3d5a3VzMXAyMjFpeW5DTlV1X1dLX35B&ovsid=LPXWD4NE-1U-KWIN&dpid=58160

53 B
647 B

187ms
53ms

Image
image/gif

23.204.139.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1jRFRFOFFwRTJ1R3d5a3VzMXAyMjFpeW5DTlV1X1dLX35B&ovsid=LPXWD4NE-1U-KWIN&dpid=58160

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

23.204.139.141 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-204-139-141.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 09 Dec 2023 10:12:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 09 Dec 2023 10:12:30 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1jRFRFOFFwRTJ1R3d5a3VzMXAyMjFpeW5DTlV1X1dLX35B&ovsid=LPXWD4NE-1U-KWIN&dpid=58160
date: Sat, 09 Dec 2023 10:12:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

v1
match.sharethrough.com/sync/ Frame D165
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPXWD4NE-1U-KWIN

68 B
280 B

648ms
110ms

Image
image/png

52.77.5.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPXWD4NE-1U-KWIN
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 52.77.5.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-5-102.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:30 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPXWD4NE-1U-KWIN
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4817 42 B
108 B 79ms
79ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsPMRDfwtzQObaB6SMUBqlq_IkZAkis12yAYyeETz0nqQNmjrkT-WO8rBJ3R4IpXZ505XfMZrSolRiHChkRB2oTQ4tsyGLwh1mRgRiySwzSytzQChoAbs16dNxI2jRxFvRXATpfx5M6x2qkJmuEFLRuqXgx9ftfnskSJ4L8mghVl-7MsxJhhOkPJ3TpC4wbuUHRIAsS7bsnk3ZVg1tyOyiS1o0HssiP1L7UEjfSCrGjjZu63pSTHw7DvntlsouNt99gffPg7gWHmTYHCOwFKEQxY6ASWRr4IMxaeScySswhWDWgwaIetwuwiloiMsLHrCEhijIYteRTTPRB9nVi6iVM1HStPvjeytrPujpxEpEOuwkSWxMxqEUrVMp-0JY_5e4uF-0FgzsTXWr1YC-G0eIibmDOH24YwJ-z-Sgm1mXwm-d50YQjtisp0RKO0PlBAw9x_yMVXFBJtHN8Xi5KESh7YuspDo4b6RDUmrek5MD7_Q35XX9tryFrE7M02N2rXF67yuLIZM3SAUnjJj93obuU4tiP3PfPQR3PU9R1jo47WhQvRWcp2klaITh7tZn0onMfb2I63Kv3WjXfo6iu0LZuL4NxFOxcazg0aAw2SbMwpp0uHx4oj8c9d1Sg3zOGYWCWjpBjNyXr9yQOR2otStSTdbXjmtCjMdDyx9Va7HiwYS7K8MtdhGiUuOs13dQYFAgAD6RuMlGvSiR_DQWodMVGV9_mVtt5vsSywlG9yFqGY39re7RrbI4tt4c_pKCvX9aL-8bQOhC8xv_Oer2gm_2hgXEN2U72B_yeWaTuu24diEpshY91Gos7HOlXH2XIsPvHUL4waepH6q2UE6GpHq4wWAVq7XGLYT_7aKqIOSD7-N7GJtU8qYhKdSpEZ0w_UrJC-qqiwJSfCyqcjVU_8CxrMKEUMmo3fFvIetQv64QOzwLhe28o_WrKDXkXn3tvUrr2Rs5z1JMcugD0FUSJ_pVPwK_YFtvWM4AfVY_9ltwWapcEUc7i2PiC2vcTE3D_0VV6BAg6ghaKwLdqP6ODsFEUB3T0r8Of3Ync1pf2UWFYuW18WdgoIheWo9-u211Q_YCJuJ9zFIRS_Bos6ssn0-FFr0STQ3MAYQsEPgWuPKxoPGpi0Y2JUECPQs-kB5C2HW6UPtMYxzGvuemLKnBRo8b08uPJgqeTkXZUxm_5KdPljUYQedi2-8kuorWID57rGPnPnFlGgTR_8YrkweqO3fvAhJV_GgmgQKCN2WFvizKGSt5vSnMmfv06jZi0b-KzLm9B0v2g6xHL_NfhsjPGV43BHtsUd8DZDCHXrTNVgdkdYinsmwt_1EFHKt8rKmKkeL_AasaOKBCiMOe2AaWR3wQY7eyzljClm149lrLgw3Fgnd1s7qennBDFk3QMpNs4xQ9jFxbZD9_cKpzwQ0UYMebXmwhJ0GcvHTmLCpwMkX_XjiihXKXdA&sai=AMfl-YT0pEcKCHvL2rTNmOSFZrSPVVfMMva9axOji1UVLTbPk_SnrlIWKyRoRF5PPtnCanCOIl9xU1ugN8fzt8ZYL6bmKcpWRFtVywhkOTRTfAUXPzFH4Dm1NZrtu7F2HKvhB-ddWKJg2XMn2HGOk_Vc0c4Bmjk&sig=Cg0ArKJSzKe4plDWPrm2EAE&cid=CAQSOwDICaaNH_BVnxl2p8wuMQg6D4I4Y11XVH414WEAmsuPrYiAgCqO3I0tMDtUU-OfUrUnZcdl343blHvYGAE&id=lidar2&mcvt=1000&p=358,640,458,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1212019568&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116747047&rpt=888&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 326118906875223.mpd Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/ Frame 2F1A 11 KB
2 KB 31ms
31ms Fetch
application/dash+xml 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCaR52a6aOuR_H2M2MmSz8B0DykrP14k_w9QGp3pRgZfw&oe=6575DF9E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 813fcb9f341d0530a108631da8ca21e551be94e6f604c89a3b2ff66d84fabe99

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702116747
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5845837
alt-svc: h3=":443"; ma=86400
content-length: 1586
x-fb-origin-hit: 1
etag: bc39d6f14fbafa6145930c44be9ffe80
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame B8B8 0
345 B 166ms
107ms Ping
text/plain 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=f94b5fb838244941b0132b005f8eab31&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=291&eoid=18&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=6&msltms=59&vltms=291&sei=289&vetms=13&tuviims=97&tuviems=401&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2428&ismms=1027&isumms=1026&nvr=6&isgmmims=1027&isgmv4mims=1027&elmtp=1&isbxdms=2346&b0=100&b11=1440&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=1540&sftb=1540&msrdp=2&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1956&isuiabvms=1956&isgmpims=1140&isgmv4dpims=1956&ispmxpms=1956&engalms=1026&dvp_dpr=1&vstsz=739&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3313
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:29 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-08T10:12:29

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7A96 156 B
200 B 334ms
333ms XHR
text/xml 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVBTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&ad_type=video&adk=2925625687&correlator=1913813375585865&ctv=0&dlt=1702116742242&dt=1702116749512&ged=ve4_td8_tt2_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491&idt=5654&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=332171821690461&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CP-TioGPgoMDFWlOwgUdTLQMEA&degraded=true&kfa=0&tfcd=0&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 87ms
87ms Ping
text/plain 142.250.207.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702116742667&gcd=11l1l1l1l1&dma=0&cid=1347942568.1702116743&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702116743&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2&tfd=7515
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.207.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s54-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame 8EBA 0
345 B 110ms
110ms Ping
text/plain 34.149.43.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=1f3077bf1dc94432b78e588767253a1d&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=4398657&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=121&eoid=17&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=54&tetms=6&msltms=41&vltms=121&sei=290&vetms=1&tuviims=63&tuviems=185&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=456&msrcannum=4&ee_dp_tmads=2263&ismms=14&isumms=13&nvr=6&isgmmims=14&isgmv4mims=14&elmtp=1&isbxdms=2226&b0=100&b11=2350&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2450&sftb=2450&msrdp=0&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1014&isuiabvms=1014&isgmpims=114&isgmv4dpims=1014&ispmxpms=1014&engalms=13&dvp_dpr=1&vstsz=1259&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3127
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 09 Dec 2023 10:12:29 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-08T10:12:29

GET
H2 200 326118906875223_0-2792.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
19 KB 28ms
27ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2792.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: c10ceaf0f11c314d2de11e215aad1739e861676a38f93643f142a2f9644228d2

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18893
x-fb-first-keyframe-offset: 157
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:3236

GET
H2 200 326118906875223_0-2793.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
18 KB 29ms
28ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2793.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 2d8e5707f61f87a2b7f6f47d0c80447272931698c0a7301d387e52162499b6bb

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18829
x-fb-first-keyframe-offset: 166
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:5402

GET
H2 200 326118906875223_0-2794.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
18 KB 31ms
31ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2794.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 3676c75714b0e943982021629ad0962a6a822eeb2e907c8ae97b44f2e7d51619

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18780
x-fb-first-keyframe-offset: 163
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:7591

GET
H2 200 326118906875223_0-2793.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 26 KB
26 KB 27ms
27ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2793.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: a2d26787c163c76904362956f1632d950111421b5799dd19bd99e5d29b418158

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 26980
x-fb-first-keyframe-offset: 88
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:5946

GET
H2 200 326118906875223_0-2795.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
18 KB 29ms
29ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2795.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 7f20464bcc65e39c5219d72ad575732d510fe863ba2b3d21b0a489e36a753eb4

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18804
x-fb-first-keyframe-offset: 163
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:9775

GET
H2 200 326118906875223_0-2794.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 37 KB
37 KB 40ms
40ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2794.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 6c90cf0682d3034d3a1f4ee5c3ab2cf248a274531b0d714011412c6d221aa042

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 37930
x-fb-first-keyframe-offset: 894
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:8127

GET
H2 200 326118906875223_0-2796.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 19 KB
19 KB 29ms
29ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2796.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 1227da1f30cd91bcc03d92d6f63df9ed1752ca2fad652f7df206e55dd6f41c8e

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18945
x-fb-first-keyframe-offset: 191
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:1937

GET
H2 200 326118906875223_0-2795.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 37 KB
37 KB 26ms
26ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2795.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 318af6bdb38737c8f197d65bc1dff6908dee45fbb562a84247f28e82a43fd7ea

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 37875
x-fb-first-keyframe-offset: 370
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:0303

GET
H2 200 326118906875223_0-2797.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
18 KB 74ms
73ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2797.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: f62ef0ed589ecb35e040a0e768da9c712dddd1354f93de734af2169936b3beef

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18112
x-fb-first-keyframe-offset: 171
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 11
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:4136

GET
H2 200 326118906875223_0-2796.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 37 KB
37 KB 57ms
57ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2796.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 1e64a7f573c234b822ba5781b74571438a69f6aeddb3cb96d3b74c848eab79be

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 38280
x-fb-first-keyframe-offset: 711
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:2475

POST
H2 204 csi
csi.gstatic.com/ Frame 7A96 0
234 B 990ms
338ms Ping
image/gif 142.251.166.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpxwd46a&c=5303300310063&slotId=2651650155031.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.166.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: gl-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 326118906875223_0-2798.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 19 KB
19 KB 33ms
32ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2798.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 9701f3aa828bf62b68fe6a791d7deb8a2139bb11fbb8d052b8ac902ff2648b5b

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18948
x-fb-first-keyframe-offset: 169
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:6295

GET
H2 200 326118906875223_0-2797.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 28 KB
28 KB 38ms
38ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2797.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 5ff01fe8edd72c6bb4f00ef31950ce0a35c6acb24cc5cd4e1acecdc6c3df0d5f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 28842
x-fb-first-keyframe-offset: 215
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:4653

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7A96 156 B
190 B 1382ms
1381ms XHR
text/xml 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVBTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&ad_type=video&adk=2925625687&correlator=1913813375585865&ctv=0&dlt=1702116742242&dt=1702116749857&ged=ve4_td8_tt2_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5654&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=332171821690461&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CP-TioGPgoMDFWlOwgUdTLQMEA&degraded=true&kfa=0&tfcd=0&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 326118906875223_0-2799.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
18 KB 62ms
62ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2799.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 5a4cf779b660d70be388759dc223fa0aeaa933e7979d0301226419f2015076f9

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
x-fb-dynamic-latest-segment-id: 2798
x-fb-dynamic-predictive-response-chunk-size: 4457
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 186
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 7
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:9938

GET
H2 200 326118906875223_0-2798.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 34 KB
34 KB 58ms
58ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2798.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 63d4788816b3985fc7c7ee485e096af6d5001045d813c273b6bbb4f83ead2437

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 34499
x-fb-first-keyframe-offset: 1148
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:6763

GET
H2 200 326118906875223_0-2799.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 55 KB
55 KB 40ms
40ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2799.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 70db6b844908c31fe360baca0e648a95d038d8e7a9dac39761e3d499aed8d1f6

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:29 GMT
x-fb-dynamic-latest-segment-id: 2798
x-fb-dynamic-predictive-response-chunk-size: 17339
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 486
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 6
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:9986

GET
H2 200 326118906875223_0-2800.m4a Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 18 KB
19 KB 531ms
530ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2800.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 76740d0aa1e1de9d9f6cada6f013e70f274e08f9d4f78b0ba38004054cb7e198

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:30 GMT
x-fb-dynamic-latest-segment-id: 2799
x-fb-dynamic-predictive-response-chunk-size: 4388
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 168
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 496
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:0543

GET
H2 200 326118906875223.mpd Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/ Frame 2F1A 11 KB
2 KB 26ms
25ms Fetch
application/dash+xml 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCaR52a6aOuR_H2M2MmSz8B0DykrP14k_w9QGp3pRgZfw&oe=6575DF9E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 52c6d1b1e00bb108060468a7d54d5a15e67d43c7d96896f45cd9614640c8554f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:30 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702116749
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5847955
alt-svc: h3=":443"; ma=86400
content-length: 1586
x-fb-origin-hit: 1
etag: 6403bd92ac4d036297602d136f8b6b7b
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 326118906875223_0-2800.m4v Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 38 KB
39 KB 565ms
565ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2800.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 39cbccaf07b38345ae2ca8dc64d986d1707e6b06269e342c089a5fdda99e4f28

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
x-fb-dynamic-latest-segment-id: 2799
x-fb-dynamic-predictive-response-chunk-size: 17126
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 1239
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 538
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-qd:1060

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7A96 156 B
189 B 351ms
350ms XHR
text/xml 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVBTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&ad_type=video&adk=2925625687&correlator=1913813375585865&ctv=0&dlt=1702116742242&dt=1702116751279&ged=ve4_td9_tt3_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=5654&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=332171821690461&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CP-TioGPgoMDFWlOwgUdTLQMEA&degraded=true&kfa=0&tfcd=0&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 326118906875223.mpd Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/ Frame 2F1A 11 KB
2 KB 56ms
55ms Fetch
application/dash+xml 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCaR52a6aOuR_H2M2MmSz8B0DykrP14k_w9QGp3pRgZfw&oe=6575DF9E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: 52c6d1b1e00bb108060468a7d54d5a15e67d43c7d96896f45cd9614640c8554f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702116749
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5847955
alt-svc: h3=":443"; ma=86400
content-length: 1586
x-fb-origin-hit: 1
etag: 6403bd92ac4d036297602d136f8b6b7b
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5C8 0
0 74ms
73ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2QeDyWoGZJ9OeSV8YKUanqGyD2EuDHEsCmUOdD0jvwqO3oX6fGHql1hYlAUuuDEDLQPlIaNu7qAo1jq-SBXj2Lzj39FR16JDotSwUQNsyeLGuRjiVQC-sWAg40aUJFJ0J0Y2TtnLrMhAHgK5FM6U-jArJV_Hh2GhbYy_Gq6AqtogwDQc9q9QbazvTI_VNYvJZBhE74iRaOPKmQ_RC5bU-WiXmPaHwR0g0mz4g9KPdLCoK9pnmDmdEh3Dqco2RiefQxVzrPJGYk_kfCShOFD7rstjGQGFe2hOZCfHKdWt5WtRr5tr-DXN7mgI0fCr0ukPoeeq2-sM_HX4zlRZd1BgdkXVWaKXrQcyz1gJUfPfaEE5gEljs-s54LI9yX5vvVt4&sai=AMfl-YSCuQLv5E1KAMC_0AA2zHEbZfrm97ps2C7Bick4DlXYScsYzEaiBqF-kgvq90VOGnhbGb5oIXTJFgMc8fedW3BxJWcWplDIzRKkMJjJhCpnAmWFXIfblP5AjWamruH-Kru_nOtQwOAVurllA0Px-6To4LQgIRgh2buTYw&sig=Cg0ArKJSzIoah70RplS2EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 10:12:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 86ms
85ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

cc35c6efaef12a567e4258a8158e5a3aaf4111a88f20c32752a59633c47f5225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12107
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6F48 15 KB
6 KB 53ms
52ms Document
text/html 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 7590927
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 221ms
220ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyOgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9A+3lvufnuzPrgtacu65TmgoBK+gssjT1GYMgMwpFtpXeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnF/4EfUv+ObssSILJImrMDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ymlz2jTlR2xCNKBKR4Ih2fnIX1dszhM1tc8eywCrkwIlW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=58421006
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 391ms
391ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyOsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9A+3lvufnuzPrgtacu65TmgoBK+gssjT1GYMgMwpFtpXeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnF/4EfUv+ObssSILJImrMDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ymlz2jTlR2xCNKBKR4Ih2fnIX1dszhM1tc8eywCrkwIneTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=53244904
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7A96 156 B
190 B 320ms
319ms XHR
text/xml 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEGATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1913813375585865&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702116742242&idt=5654&dt=1702116751649&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g&scor=332171821690461&ged=ve4_td10_tt4_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 6F48 449 B
557 B 82ms
82ms Fetch
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=2x6ah19DcWElMkZzNXZvJTJCV2V1NE9yTGJ1Y2lCaFdnWlpkSmFQcExEUU16VFh5SDQlMkZ3UGxYYzdVRGx4YmhVRkF1clNVWWZBbjY0Q05samRHdjE3Z2RDcGRNUmM0U2VRcXVJJTJCczBjRVpwZnBEOGo4WVhFTzllaE02ajVSOFppWE9LeGhiTEM5QjJ6dFZrcXBpV1ppenp1JTJGRjNYOCUyRlElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

176d9d930c3ac85e0a57ff0538dd2d8da6e74786690e794722e31621a826a7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1411164
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 161ms
161ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:12:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E028 13 KB
5 KB 35ms
35ms Document
text/html 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 20502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 04:30:49 GMT
expires: Sun, 08 Dec 2024 04:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA70 829 B
793 B 76ms
75ms Document
text/html 172.217.161.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f4.1e100.net

Software

GSE /

Resource Hash

4c89b72a5f5940ff8e45d22244a3ba03fe2509a261040bc4c18afe202a8b5377

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8hWTM1QD4M6xYggp19UmMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8hWTM1QD4M6xYggp19UmMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 10:12:31 GMT
expires: Sat, 09 Dec 2023 10:12:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E028 39 KB
15 KB 40ms
39ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 23:57:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7A96 0
54 B 194ms
193ms Ping
image/gif 142.251.166.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpxwd5p6&c=5303300310063&slotId=2651650155031.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44804291%2C44806632
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.166.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: gl-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 265ms
265ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyOgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9A+3lvufnuzPrgtacu65TmgoBK+gssjT1GYMgMwpFtpXeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mp4tvMa4BrXLT4wqO1yzRYTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yl3RHw6AIohwjsKG2UnLj027w+gRSTDk1BIN+GsF0ooRL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=79945248
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:32 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 265ms
264ms Image
text/plain 52.54.58.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=Hxq849W9UKKQm7TYfkrUQvtDJN7zbuOK4sdA6fh3hyOsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9A+3lvufnuzPrgtacu65TmgoBK+gssjT1GYMgMwpFtpXeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mp4tvMa4BrXLT4wqO1yzRYTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yl3RHw6AIohwjsKG2UnLj027w+gRSTDk1BIN+GsF0ooRogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=72881246
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-58-110.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:32 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7A96 8 KB
1019 B 754ms
753ms XHR
text/xml 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVEATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1913813375585865&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702116742242&idt=5654&dt=1702116751997&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g&scor=332171821690461&ged=ve4_td10_tt4_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

62a348d19aed551d23c7c2893df6e935f4bf314d03184b090c92e8264306e311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 941
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA70 0
0 85ms
85ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=4373668189368071&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame E028 0
39 B 42ms
42ms Image
text/plain 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nGjUYg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 326118906875223_0-2801.m4a
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/ Frame 2F1A 4 KB
0 387ms
387ms Fetch
video/mp4 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-pst-a/326118906875223_0-2801.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:32 GMT
x-fb-dynamic-latest-segment-id: 2800
x-fb-dynamic-predictive-response-chunk-size: 4393
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 171
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 343
x-fb-video-livetrace-parentsource: CDN:elb:H:itm1c01:dash-lp-pst:2705

GET
H2 200 326118906875223.mpd Show response
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/ Frame 2F1A 11 KB
2 KB 26ms
25ms Fetch
application/dash+xml 157.240.209.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/dash-abr3/326118906875223.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfCaR52a6aOuR_H2M2MmSz8B0DykrP14k_w9QGp3pRgZfw&oe=6575DF9E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.209.8 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-itm1.fbcdn.net
Software: /
Resource Hash: e4f69d2ebf1cb4b02a3c5b25facf32d9ac2e632e13cfa3845a8f1cf01eedb79a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:12:32 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702116751
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5850130
alt-svc: h3=":443"; ma=86400
content-length: 1586
x-fb-origin-hit: 1
etag: 3e6a76cff455755b0df15946431a6748
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 bz Show response
www.facebook.com/ajax/ Frame 2F1A 0
150 B 200ms
200ms XHR
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310535758732424795&__req=5&__rev=1010319003&__s=%3A%3Aquq237&__sp=1&__user=0&dpr=1&jazoest=21938&locale=en_US&lsd=xV99JPalZAff-GsRUwQucV

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaead1972ddc94%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff2c98458ef3a95%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FTW.ASEDO%2Fvideos%2F322556727351785%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryubyzcl2BnjoVp1ja

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 10:12:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: N6hAeeHT23vQOKthcUtfY50tQvS2KbAR5faE1AvjviHcANtYWqXo44PNiPpKuLla9E2fTQdpfBY/12uX66t3WA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=4373668189368071&bg=!dHeldzjNAAY3kmNgF5I7ADQBe5WfOF8mROvef9Iw-hU41Zlo2HA7r2NJBxRdz3BrtesR0d2z4b6lrHRdkAroh24u3GYxAgAAAE9SAAAAAmgBBwoAOQeQSJua3rF0k3AXB0nx2MjeGZLMmabq_lVTndZQAJzkPFDt7rhArFO3QGvW87FtqRQ7qOEjoMVEmZkC8cm1zZb9SU_5WJsWkgR-8jaOhp7AkZ9-zkQla8S6uQix2RoKEmUr-Yq6ORsnl6Gl8-woEva1HRNwfH8233AeFu7NlYZ5FER5RKHIzYCGW96pRraOdpQmGFgMxoSkKsbhazdpYRZTFROpUQE35aAC_ANz78ABgRxYyRHQdXA8LVvrzYozqx8qewoBAFf27wWhi9iPng3_u6Tn83Gn6gfib1yhjHFPycNHMNEy4Sz8Atrs8aTL1HpEoePGG-MoWoYBRjvT2N9Midk_8Al1ezK3hUBe7czXkqyNJsxcdFVUOcFZc77SR-PItJ6DO-jtWr6fmJD4zv1hEvMOAY68nTCtS-x-A1nltrrFsnMidBZz_lxA_ff58xhjDkTf4Z_fUGyOYSavS5Jh4g8nlMvfhwOlcRXd1l7SS_pM86knTFL_6tRJgT7oIGB_lSr1GwbOdR5IEzVRqBBccrnYwHAtLPDptAk3RXVtPffvMG_OTr_t0kCYqgZNJuheJRuj4t90UfnQzr0FKkID_PqYpVdDrFhqqIc331UsEf-bJxpUvX92JzjOhY9XDvU20kTeTaJMJJVFTS9YM6ZzYwdIC9u1FYEVoRUPEmCVYMBxFaMoioXbzakEtV01UCaJYESdLyyFjgchMaD_ZQy-pEhPY9YcdzuxgzMTaOiNytv0oo2LsUrAVqcnLKRUG9dm2llmCYWfN-qrN3yRyKeqISKDf2lZZ0jbag3SzfQCtHXRogruVs8CEZJjPCC0a5aupODwZ3SnMwRDU7wISGARZUqDkCJJXjAWWgYSDdJE8sseC_BdAL1TpJUsdGYWN6HEh6IHk7u73OyV238cbDI90bhhrMTzPgXHj7EAVbpu3JjyguatYpEYDnlvuP6MiA5lyBcDKfM03jwcpjrP3WrF4A1IJdZGU0M1OLMbdechIDKsqfx1dRL1YwzFAAYhfbFynz-p7kHNAXny-vyWJ_jh9h8UT_RaF6GbLR_UqjYShC6l_vT_RdO6TvMR5g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5C8 42 B
108 B 70ms
70ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXR4BpprSeu2uN-L4qIAXAQKQWaY9bSghJeca9czZg1Xpy__FNGJM0o9KhiJblufx8JrTvCeylAcp3Sphdf4gdgFMOEFjgdMaWRGcyLOoW1KvOZdAdppGRvQYyRzKsvDexAwjfpJudyQ&sai=AMfl-YRvjhuELGjrEP-0Zebmoq0XM1hD1a715WnZWyL6FlykBVbWUXY&sig=Cg0ArKJSzFwwaPWLnTv9EAE&id=lidar2&mcvt=1000&p=108,625,362,925&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702116744676&rpt=6935&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 10:12:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 326118906875223_0-2801.m4v
video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/ Frame 2F1A 0
0

GET ads
pubads.g.doubleclick.net/gampad/ Frame 7A96 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video-itm1-1.xx.fbcdn.net
URL: https://video-itm1-1.xx.fbcdn.net/hvideo-ncg-pnb/_nc_cat-1/_nc_sr_t-4/v/rASfpRKzO3I_XA8TjsbgiV8S9GaXYvICMR87E0nCX9bAIQw/_nc_ohc-i9LsdQ7f3xEAX_i5aRa/live-dash/ID/dash-lp-qd-v/326118906875223_0-2801.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVEATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=5C7D0B1D-1F03-496D-AD5B-833886E4CEE6&ad_type=video&adk=2925625687&correlator=1913813375585865&ctv=0&dlt=1702116742242&dt=1702116752767&ged=ve4_td11_tt5_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=5654&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=332171821690461&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806632&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=COyk_IKPgoMDFTxLwgUdB1QPxg&degraded=true&kfa=0&tfcd=0&a3p=EloKDWNyd2RjbnRybC5uZXQSQDc3NDY1ODQ1Y2VkODM5ODhjMGNlYTk3MWE2NDIxODVjYTAyYzZmYmM2MjEzMGEwMjBmOTMxMDYxZmY5MTI1YjkYqrzB8MQxSAASGwoMMzNhY3Jvc3MuY29tGN-2wfDEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjetsHwxDFIAFICCGQSFwoIcnRiaG91c2UYwrrB8MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdXTldkVlJzU1hwVVNHbHdhRzVwV2padVpGcFNkejA5SW4wPRj4vMHwxDFIAA..&cookie=ID%3D3c81c65bb6e7fd75%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ&gpic=UID%3D00000ca7c28aafd3%3AT%3D1702116744%3ART%3D1702116744%3AS%3DALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 16:50:03	Name: _gid Value: GA1.2.132815240.1702116743
.reurl.cc/	1970-01-20 16:48:36	Name: _gat Value: 1
.prnasia.com/	1970-01-20 16:48:38	Name: __cf_bm Value: Zq0gUAvoeuJAdcJNbkx2eUp9Fx9IG7FZcSEl41cn8HU-1702116743-1-Ac1qRHwds+DDGRUjBHLpGEj3ePPozNKRSDKKT3oTSuU50imX35TnlHE7Vj0quYveAPWlIqiuGjcyLRL3lyyhRDM=
.reurl.cc/	1970-01-20 18:58:12	Name: _fbp Value: fb.1.1702116743655.1368025613
.reurl.cc/	1970-01-21 02:24:36	Name: _ga Value: GA1.1.1347942568.1702116743
.doubleclick.net/	1970-01-21 02:24:36	Name: IDE Value: AHWqTUk73DDqqxNtALG4nIXeak--8ai54yO4dWu1iPQVvd3wnRy8roMdFGhPu8d8pgw
.openx.net/	1970-01-21 01:34:12	Name: i Value: 61c56e4e-5233-4c78-a986-7899ea775947\|1702116744
.reurl.cc/	1970-01-21 02:10:12	Name: __gads Value: ID=3c81c65bb6e7fd75:T=1702116744:RT=1702116744:S=ALNI_MbVdxQtb329Kc-UJ7848Dh8l8CdDQ
.reurl.cc/	1970-01-21 02:10:12	Name: __gpi Value: UID=00000ca7c28aafd3:T=1702116744:RT=1702116744:S=ALNI_Mb9U4WE4S3Kb9H3lMiBmQEPMKuW4g
.reurl.cc/	1970-01-21 02:24:36	Name: _ga_N394QBRGC0 Value: GS1.1.1702116743.1.0.1702116744.59.0.0
.crwdcntrl.net/	1970-01-20 23:17:24	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:17:24	Name: _cc_id Value: 20dc818c54e6547bcddb3309e9b5e37e
.reurl.cc/	1970-01-20 23:17:24	Name: _cc_id Value: 20dc818c54e6547bcddb3309e9b5e37e
.reurl.cc/	1970-01-20 16:58:41	Name: panoramaId_expiry Value: 1702721544681
.reurl.cc/	1970-01-20 16:58:41	Name: panoramaId Value: 77465845ced83988c0cea971a642185ca02c6fbc62130a020f931061ff9125b9
.reurl.cc/	1970-01-20 16:58:41	Name: panoramaIdType Value: panoDevice
.send.microad.jp/	1970-01-20 18:58:12	Name: TR Value: 6020a9d8314ac593d44f9afaf0a104109f2ff41d18f5f8ce
.casalemedia.com/	1970-01-21 01:34:12	Name: CMID Value: ZXQ9iNx9vzgpChm6luESQQAA
.casalemedia.com/	1970-01-20 18:58:12	Name: CMPS Value: 5360
.casalemedia.com/	1970-01-20 18:58:12	Name: CMPRO Value: 5360
.openx.net/	1970-01-20 17:10:12	Name: pd Value: v2\|1702116744\|jElYiuvOhI
.criteo.com/	1970-01-21 02:10:12	Name: uid Value: 7d8867fe-bff3-48d4-b28c-03eaf246f01a
.criteo.com/	1970-01-21 02:10:12	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 01:35:39	Name: TDID Value: 20eac2e6-e637-402c-857d-30de4caf371f
.ladsp.com/	1970-01-20 16:48:40	Name: cr Value: 1
.ladsp.com/	1970-01-21 02:24:36	Name: smn_uid Value: 0kFjoalqBLC5_IrVP5G1dxA6kmSUL4Y
.ladsp.com/	1970-01-21 02:24:36	Name: lum Value: CJjAwfDEMRIFCAMQ0AU
.openx.net/	1970-01-20 17:10:12	Name: univ_id Value: 537072971\|20eac2e6-e637-402c-857d-30de4caf371f\|1702116745283926
.holmesmind.com/	1970-01-20 16:50:03	Name: fcm Value: 1
.doubleclick.net/	1970-01-20 16:48:40	Name: DSID Value: NO_DATA
.reurl.cc/	1970-01-20 17:31:48	Name: ISMD5VERSION Value: 1
.reurl.cc/	1970-01-20 17:31:48	Name: CFFPCKUUID Value: 2865-iotkYEMRtUmKzcGdKXsuLxFKLVvsEU01
.reurl.cc/	1970-01-20 17:31:48	Name: CFFPCKUUIDMAIN Value: 1906-fI3sc0qfvKERdlTYushJk1Qjmmwrilt3
.reurl.cc/	1970-01-20 17:31:48	Name: FPUUID Value: 1906-f8ace5c8087c5fa8bab53298a7b0de27
.doubleclick.net/	1970-01-20 21:07:48	Name: APC Value: AfxxVi6OSWUmFLiyxyqTVksoEc0dNuGFoK2rgc40_wnvceNHwx1FhQ
.hinet.net/	1970-01-21 02:24:36	Name: uuid Value: 16aaa93f-db19-42f2-9a72-2b9804af13a1
.doubleclick.net/	1970-01-20 17:31:48	Name: ar_debug Value: 1
.lndata.com/	1970-01-21 01:34:41	Name: admckid Value: 2312091812241534250
.holmesmind.com/	1970-01-20 17:09:43	Name: Vision Value: 20231209-23:59,20231209-21,20231209-21,20231209-23:59
.holmesmind.com/	1970-01-20 17:09:43	Name: C Value: null
.holmesmind.com/	1970-01-20 19:13:34	Name: RK Value: null
.holmesmind.com/	1970-01-21 02:24:36	Name: P Value: 139635-qOW77qxoKGcvr5ekMLXRwOWPcRX0Beb1
.reurl.cc/	1970-01-21 01:34:12	Name: __htid Value: 16aaa93f-db19-42f2-9a72-2b9804af13a1
.reurl.cc/	1970-01-20 16:48:40	Name: _ht_em Value: 1
.c.appier.net/	1970-01-21 01:34:12	Name: _auid Value: RGx8mb12BRyLvzL_iT10ZQ
.flashtalking.com/	1970-01-21 02:18:00	Name: flashtalkingad1 Value: "GUID=5821C067B09A5B"
.flashtalking.com/	1970-01-21 01:34:12	Name: _D9J Value: 9d6fcdb208df4e0d95057d4ab63fc38e
.reurl.cc/	1970-01-20 18:15:33	Name: truvid_protected Value: {"val":"c","level":1,"geo":"JP","timestamp":1702116747}
stg.truvidplayer.com/	1970-01-20 18:15:00	Name: truvid_protected_s Value: %7B%22val%22%3A%22c%22%2C%22level%22%3A%221%22%2C%22geo%22%3A%22JP%22%2C%22timestamp%22%3A1702116747%7D
.socdm.com/	1970-01-21 02:24:36	Name: SOC Value: ZXQ9i8Co5sAAAN-pZcgAAAAA
.uncn.jp/	1970-01-21 01:34:12	Name: t Value: v_ec54345d-171c-4d6e-a125-7f4614d1ac83
.simpli.fi/	1970-01-21 01:35:39	Name: suid Value: 2DA1FA6630AC4537ACAE3051E7A22EF4
pixel.rubiconproject.com/	1970-01-20 18:58:12	Name: receive-cookie-deprecation Value: 1
.socdm.com/	1970-01-21 02:24:36	Name: SOSYNC Value: anNvbjp7ImdkbiI6MTcwMjExNjc0Nywib3BlbngiOjE3MDIxMTY3NDV9
.quantserve.com/	1970-01-20 18:58:12	Name: d Value: EH0BCQHPKoEA
.quantserve.com/	1970-01-21 02:18:51	Name: mc Value: 65743d8b-ed662-28d6b-469fe
.yahoo.com/	1970-01-21 01:34:34	Name: A3 Value: d=AQABBIs9dGUCEOXz3R1IDn0MQ49FtFwx5_4FEgEBAQGPdWV-ZQAAAAAA_eMAAA&S=AQAAAklwgTyybvgvMyTBfv1921A
.googleadservices.com/	1970-01-20 18:58:12	Name: ar_debug Value: 1
.ads.stickyadstv.com/	1970-01-20 17:31:48	Name: UID Value: 7bcb19aa43bddf05bc0bad6ad541f82
.ads.stickyadstv.com/	1970-01-20 17:08:46	Name: uid-bp-30833 Value: 1
.rubiconproject.com/	1970-01-21 01:34:12	Name: khaos Value: LPXWD4NE-1U-KWIN
.adsrvr.org/	1970-01-21 01:35:39	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIruzRjayqvDwQBRIWCgdydWJpY29uEgsI4tHmm6yqvDwQBRgFIAMoAjILCJb656bCqrw8EAU4AQ..
.bidr.io/	1970-01-21 02:17:06	Name: bito Value: AAB0A07K6HsAABPX7Xkm1g
.bidr.io/	1970-01-21 02:17:06	Name: bitoIsSecure Value: ok
pixel-us-east.rubiconproject.com/	1970-01-20 18:58:12	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-21 01:34:12	Name: bcookie Value: "v=2&52d7de0f-f09e-4a58-85c5-4b9d90b3b477"
.linkedin.com/	1970-01-20 16:50:03	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2896:u=1:x=1:i=1702116749:t=1702203149:v=2:sig=AQGdgeL2KAniaUHUaX07to3ddiYhd8lY"
.stg.truvidplayer.com/	1970-01-20 18:15:00	Name: trv_usersync Value: {"optout":false,"uids":{"rubicon":"LPXWD4NE-1U-KWIN"},"created":1702116749}
.connatix.com/	1970-01-20 17:31:48	Name: cnx_userId Value: 0f5e4632a34a4cc8b001d9b858a48df0
.amazon-adsystem.com/	1970-01-21 02:24:36	Name: ad-privacy Value: 0
.primis.tech/	1970-01-20 17:24:36	Name: csuuid Value: 65743d8db0317
.amazon-adsystem.com/	1970-01-20 21:43:48	Name: ad-id Value: A8qOLWQJHU50mlYHEiWFctc
.intentiq.com/	1970-01-21 02:24:36	Name: intentIQ Value: SLvU4qHrvJ
.intentiq.com/	1970-01-21 02:24:36	Name: IQver Value: 1.9
.prebid.a-mo.net/	1970-01-20 16:50:03	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 01:34:12	Name: amuid2 Value: dec7faed-114a-4747-9207-2bb568ba070a
.prebid.a-mo.net/	1970-01-21 01:34:12	Name: sd_amuid2 Value: dec7faed-114a-4747-9207-2bb568ba070a
.ipredictive.com/	1970-01-21 01:34:12	Name: cu Value: 3766f758-cd66-4777-9d13-f1781d8da9bb\|1702116750152
.sharethrough.com/	1970-01-20 17:31:48	Name: stx_user_id Value: 6d6ff2ed-8fe3-4f71-ab00-02fe3a32b4d9
.analytics.yahoo.com/	1970-01-21 01:34:12	Name: IDSYNC Value: "18vk~2fia:19e0~2fia"
.rubiconproject.com/	1970-01-21 01:34:12	Name: audit Value: 1\|Q2CALeCovKjiiZeSofmPjZxxZQXzXHXs9hlC0XKLF8QCpoC40Gxg1/40ipN5q2BSvbR4vXKRpsvqFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
.hb.yahoo.net/	1970-01-20 21:07:48	Name: visitor-id Value: 3451183505494248000V10
.hb.yahoo.net/	1970-01-21 01:34:12	Name: data-mag Value: LPXWD4NE-1U-KWIN~~63
.intentiq.com/	1970-01-21 02:24:36	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 02:24:36	Name: CSDT Value: UEQ6MTUxMDZfMCZUeHc0UUFv
.intentiq.com/	1970-01-20 17:31:48	Name: IQMID Value: 2119554942#1702116750438
.intentiq.com/	1970-01-21 02:24:36	Name: IQPData Value: 2119554942#1702116750429#0#1702116750429
.intentiq.com/	1970-01-21 02:24:36	Name: intentIQCDate Value: 1702116750437
.reurl.cc/	1970-01-21 02:10:12	Name: cto_bundle Value: YcczvF9DcWElMkZzNXZvJTJCV2V1NE9yTGJ1Y2lCam9QWHFQVzVUbXZoTUpoWVAlMkY4dDIlMkI1RUpwMjlleDZjTEpxaFZYdmVGJTJCUW5VSkUlMkZPa1padmptZWZJazRETm1NVTJYbDhSenprTGlGUVowTmpIS2hmbHVUbiUyQmJqa0g4dXdBS2k4R2pCQjdYOUFlOUVqbFVUaHNKTFM0ZiUyQnk0JTJCeEElM0QlM0Q

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
deprecation	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz(Line 276) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

124088876cce5943e81c7e0ab975a227.safeframe.googlesyndication.com
16aaa93f-db19-42f2-9a72-2b9804af13a1.t.ssp.hinet.net
a87f4629cbc55b2cb5e0e293e25182ec.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.holmesmind.com
ad2.apx.appier.net
ads.stickyadstv.com
adservice.google.com
analytics.google.com
anymind360.com
asset.re-news.tw
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
capi.connatix.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.flashtalking.com
cdn.holmesmind.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cms.quantserve.com
cnt.trvdp.com
code.createjs.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
csi.gstatic.com
d9.flashtalking.com
ds.uncn.jp
dsum-sec.casalemedia.com
eus.rubiconproject.com
external-itm1-1.xx.fbcdn.net
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i0.wp.com
imasdk.googleapis.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
live.primis.tech
m.holmesmind.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mma.prnasia.com
oa.openxcdn.net
oajs.openx.net
p.trvdp.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.scupio.com
pubads.g.doubleclick.net
px.ads.linkedin.com
reurl.cc
rt.ad-score.com
rtb0.doubleverify.com
s-cs.send.microad.jp
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
scontent-itm1-1.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
sync.intentiq.com
sync.ipredictive.com
sync1.intentiq.com
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video-itm1-1.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
pubads.g.doubleclick.net
video-itm1-1.xx.fbcdn.net
103.132.192.30
103.229.10.247
104.17.239.194
104.17.25.14
104.21.96.9
116.50.36.71
124.146.215.2
13.107.42.14
13.32.50.115
13.33.174.24
131.153.206.102
139.162.78.222
139.99.63.224
142.250.196.106
142.250.196.129
142.250.196.98
142.250.198.3
142.250.199.98
142.250.199.99
142.250.207.14
142.250.207.99
142.251.166.120
142.251.222.2
142.251.42.129
142.251.42.161
142.251.42.162
142.251.42.194
142.251.42.198
142.251.42.202
142.251.42.206
143.204.126.52
143.204.86.97
151.101.65.229
151.101.65.55
157.240.209.14
157.240.209.8
172.217.161.34
172.217.161.68
172.217.175.72
172.64.146.152
172.64.151.101
172.64.152.89
18.143.106.89
18.172.52.87
18.65.185.12
18.65.185.16
18.65.185.99
18.65.207.98
182.161.74.1
182.161.74.11
182.161.74.18
184.27.20.221
192.0.77.2
192.0.78.187
192.0.78.24
2.18.148.226
202.233.84.8
203.75.214.136
210.59.219.34
211.120.53.203
23.195.84.51
23.195.85.83
23.204.139.138
23.204.139.141
23.61.252.83
3.112.170.251
3.33.220.150
31.13.82.36
31.13.82.7
34.102.146.192
34.117.23.234
34.120.135.53
34.142.175.23
34.149.120.3
34.149.43.113
34.149.98.30
34.95.67.231
34.96.70.87
35.185.130.121
35.190.36.98
35.201.76.93
35.208.216.174
35.227.249.156
35.244.159.8
35.244.196.223
52.192.8.212
52.196.195.198
52.199.253.73
52.46.130.91
52.54.58.110
52.77.5.102
54.146.33.131
54.250.210.41
54.254.21.143
54.255.159.219
54.95.167.198
61.216.47.122
67.220.228.203
74.125.23.156
8.39.36.141
8.39.36.142
8.43.72.97
99.84.133.14
005e3bf07cdf231d21b04c023a2d1fbb2689890c60fcc967a6aedcf40789744e
01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9
0210061ed0a4abc0263a7736faa5eb43cb8126bf3a350a89c49eee5a9db28147
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dcc5adc588fdbe0a7b4786c78c8b5fbeb736c55a7df93e73ae54ccb10a3cb58
0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
0fb4363c3a3abf8e74c50d3978fab2b105b246ed9e84756ebdd0cbabd43fd742
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1227da1f30cd91bcc03d92d6f63df9ed1752ca2fad652f7df206e55dd6f41c8e
12718ad584b8d0f53398c1cabf7ad5219908cd9286eaf4f47e11128a98dba658
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
142def09d9dbc6078f880d256cadd2e15f3808f149bfed6163de428ad0ab7d72
142e21ec877ac3ce88c9f8356d684a728b8bb102193c54facad5757d845ad44b
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
176d9d930c3ac85e0a57ff0538dd2d8da6e74786690e794722e31621a826a7eb
17b700905eb47ff2f3a56d3a83340090ff51416fbce59ebf5b61eebd19ed72fd
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
195e0df98da82f20e97d996cd7a7b72c1ac94a03ec4514c90240962e32d31c56
197cf9f704785e690d950b4cb570004989336fa75540d555aef7e396db1f2861
1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679
1b20a70471fb8bfb738e087db744bb71b731613be8258422970a821bc652b4d3
1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b
1bcbcd0462c2709611deeeaa97bae378a3e951a6135e98b1c5e41d6661c574a9
1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312
1e64a7f573c234b822ba5781b74571438a69f6aeddb3cb96d3b74c848eab79be
1ed305d6ed11e1086007c3f3ccd2081f0122aa6d3dd61d41a00b5cab9d401328
208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
213ec59066bfee133bfeb4f11eddf942a45a2b1db99b39080db95cccd748758b
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
21d6c5b259b6c56b1a101da5da1d432618f60e38d7eb3d0c9b884a30e0f20e2e
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
23846770b8ff53f63032b140e025851dfec6d8d8a34ed8d95028e1bc2d001de0
2682d927fc3a8cefb3d09b780b90455ed4f2799b8ed812e2d35f086ee48de9ef
280555e90833f74ed9c01266459f9e2154a47b4e69e8461e8ab16ad26dc2eb05
280b3ba799b39d39105d5855f5fdfee5f23bd85221c36664fc29e142a2c0dc8f
2949776fe5a33b85239c5501deb9565752b0cc4662c281a39edc27eaeec5e709
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8
2d8e5707f61f87a2b7f6f47d0c80447272931698c0a7301d387e52162499b6bb
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318af6bdb38737c8f197d65bc1dff6908dee45fbb562a84247f28e82a43fd7ea
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef
32d3abe0a42c7f746e925a02b58d39496c8b01c27bdc90ef251893e7133751e3
3357e675ea4f190381d0d4969e3af833e76d64fd9f37881b2e3229a537e51b5c
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3676c75714b0e943982021629ad0962a6a822eeb2e907c8ae97b44f2e7d51619
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
373cff4a5be14637fbe35895c47e016b43fe37c32a6d704cd59da533185c6bb7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39cbccaf07b38345ae2ca8dc64d986d1707e6b06269e342c089a5fdda99e4f28
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d
3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e46f04463ad894a0e86811482b478ec44878d45900ab2162d0a3e4876098cfc
3fc5eee39e17db2effb093b1b3cce726bc9bbe579dccf463cb3866d009e4a997
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
40f4b7485993353e029f85c2589e80079b7a815514598320bd688452185ccc32
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
4489927739ffb15478a62047e3edcdbb21f2597bed149f2a043d60c20f5e7f61
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
499e8bca2c5e7152068e00790400d102582a71138fafe9c2761a2672da601c6a
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733
4c89b72a5f5940ff8e45d22244a3ba03fe2509a261040bc4c18afe202a8b5377
4cae1a25d86e49521475bc48221489901b3b39d63c07e9889de221bad8d7ac16
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
52c6d1b1e00bb108060468a7d54d5a15e67d43c7d96896f45cd9614640c8554f
5369ace1b850cc91bce4b5b4362a17017c7e82d2be16c8ac11d6ad265200292a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545
56355b58c5b3ae628c21bc20c25063cfee0fdd4d0d041f7a61b77f7d2c30120d
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a4cf779b660d70be388759dc223fa0aeaa933e7979d0301226419f2015076f9
5a593b33d3e42a30cf2d40df0a405391c5fb2bf874f357be9b3026632e9b83d6
5b7cb3d0fb16d33c0eb67ad84e23c78185cd4c71276f4e4bb8b115311dfe4ca6
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
5ff01fe8edd72c6bb4f00ef31950ce0a35c6acb24cc5cd4e1acecdc6c3df0d5f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a348d19aed551d23c7c2893df6e935f4bf314d03184b090c92e8264306e311
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
635560ef12cd799356b3887f1577373a5c51418740bb71b1888c2811ea6da67e
63d4788816b3985fc7c7ee485e096af6d5001045d813c273b6bbb4f83ead2437
6604d53f95876c8b7cabb0609501f5b453662e925a10a2e8002ecf3df5858439
672234d01f68a29b55fe61143e94ae1a25e1a3122b3a587f5adad89cac208c40
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
6871de12df8d1d3da3dff8d6370933ba3630a6e9ce19bf93eca651967a221c42
68b6eb9c48e3b113a3d1872ef75032d9f7f9771d9d2617bf058d7bc2f5070831
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e
6c90cf0682d3034d3a1f4ee5c3ab2cf248a274531b0d714011412c6d221aa042
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
70db6b844908c31fe360baca0e648a95d038d8e7a9dac39761e3d499aed8d1f6
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
76740d0aa1e1de9d9f6cada6f013e70f274e08f9d4f78b0ba38004054cb7e198
769fb1d31db0642ea530fc81ba3edac191792a1e067a412b13b5ae7d4478d622
77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f
7b2f98c8df9696960e03c50f6fca44df90124fd30d84c9516009d9f060d604cd
7caaa59a06e6bd6721beace66036489ee809f7e4c871ff48487bbee5a79dfd65
7e38d8da0d09fa92885460a6e6afdcff749709b334a9856f181820456877b619
7f20464bcc65e39c5219d72ad575732d510fe863ba2b3d21b0a489e36a753eb4
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
813fcb9f341d0530a108631da8ca21e551be94e6f604c89a3b2ff66d84fabe99
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
8448d16c4463c05f338c8d4d8c64a33114ead268154ff97db182109bfe5169f2
87e023f31508fd57d288b971a0680fa1f7ef9cb83a9629549e1dccd2a887bdae
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e5ca2793db85ebd0369fcd12cb0de3c3a48f6f992bef1dc7b34c2446a0c49ca
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
91524c70ede9562d1bd8976201f4f2fd6b24d2c4844f4f7d0d862e1c5a685f81
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9701f3aa828bf62b68fe6a791d7deb8a2139bb11fbb8d052b8ac902ff2648b5b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964
9c3ce0e066c2c84dfd177abe6cf6829c5d79e49d2a2b87a9a54d5b135d0ba250
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ec824374c365016ad3c141541d0a80759638893e6e7f5bf0c84dea3e300c55
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2d26787c163c76904362956f1632d950111421b5799dd19bd99e5d29b418158
a53d2637ac425baf486da24efe01fe06bc702bd5b2ab4cbfe93d3d713d5494c8
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741
ac0bbdb325a55aa396c1b2c24b5213bc7d05634d182abceb6ddda30042e2373b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b1c0a68288019435780959c3424fe419310b780da760bc9744e31f107b34a40c
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52
b429486bdd6630fb3fdfa332e7919855881da3a3b2a51d62eaa1ced0862bfb5b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b50ba7cca50fd61ab72172f422203982d913084cb5f50731e79cd82aa00ad621
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bc6a7cccd1d8ec7f01ef81c8fb489ade144149c07835733e09a96f05968156b9
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
beb8cc4e47427dba597ccd68a8a8bfb4c5093da417388cdd9d2d5703909991e2
c101c172df6fd1ea057115ceb1933d418cd7c0ef00d6932ad3383f478777825f
c10ceaf0f11c314d2de11e215aad1739e861676a38f93643f142a2f9644228d2
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c5132ab11e6b9743c546a27d0e42d2548b2c39992cf0e7f57802d700e79139a0
c5d4bd00c93f687b2f1c47656a5dcee22ff87ae4dc205dd7d982d1082532cc29
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c62a7a718744861f913b590ec5dbaa4101a1ccdbe54dc9ecd48c6659eccc812c
c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02
c7b4b5dc3ddc85576c11a8d1fe5d82316632454870c40f31616ccc4e249c4fc6
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8346ff64e6e0b3f6d47d8a8292a05f4959ff308bdfa41bff7ca30ad12922d2a
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc35c6efaef12a567e4258a8158e5a3aaf4111a88f20c32752a59633c47f5225
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7
d20cf80322259d9177611df3a6016556c8ee1c7b56376805c15d449c1785df0a
d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d71475b44d619ac3cb38c8c61807e497b11ea110d0fbfe007a814b2faa88e4cb
d945801e7952a55b17845b358e2a3e71b99e8b18f4906b8ca09952f02c69e084
dbd47670b0bb46f0bf402a24a3793ed813de07921a104da141c9d68e5f5cd074
dc4299da5227c68c3e4db4787dd3c9fe9c9c3d4a8b52d24e5b308488c4463404
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4
e020872e332c740930142fd3f09564f8917bd62257445d61eb46ed974d961f2d
e0f6ce75276e2b0748f724ca3195770fe2356217e4fa6dbbf933d68bf404c89c
e11bf5bb05f9955458b12a5dd73cd9fd3d147ddc0175d6d362bc9218b79e4264
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4f69d2ebf1cb4b02a3c5b25facf32d9ac2e632e13cfa3845a8f1cf01eedb79a
e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e76120de695e8ada80fa020a780e36ffbabe2d750c1dc46d4934545d11aa8c81
e81a8bc3672a3af461ae1579ad7b9c955a22ca3b81a0d645b380f33ff64bfdb1
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec649d9aee9a45fe44f47bfaf613e3fd53bd0bcab67f970407f2e5f638aa2058
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f269e265a67850c7bb6a48b4b2d6bf4059059eea6e5cd70bc5424d8613cbf528
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f4e90ee5cd10e36b571a3ce94b810a09fbdb72d80720f05ce14fceae47a5b8da
f5faea1024c86795a612ed5a267291cfd054591fe121c628d84bf0d392dfb14c
f62ef0ed589ecb35e040a0e768da9c712dddd1354f93de734af2169936b3beef
f6af89af6e07249a5f89a7f74aa59053de1ea84a73ade39aeb150facf2f78e97
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f846179b5172af062726bc9b26952499f18f07417cb4fb9901759e21383a5d70
f9ab2d0b1fd6ff343526a05199a2a3db6417076d5792d30f5ea83ccc29a936a3
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb
fd776544bda4f33eb6c090beb6c5ff05ed75e0daf4bc2e5420283774d2be0cc0
ffb24f57613be6ca6e4ea4d0a0d046ea864d94ae7b6f77a2cc3c45b940d2076d

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

394 Requests

88 %HTTPS

0 %IPv6

67 Domains

116 Subdomains

90 IPs

6 Countries

8223 kBTransfer

21924 kBSize

89 Cookies

21 Outgoing links

Redirected requests

394 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

394
Requests

88 %
HTTPS

0 %
IPv6

67
Domains

116
Subdomains

90
IPs

6
Countries

8223 kB
Transfer

21924 kB
Size

89
Cookies

394 HTTP transactions
12 data transactions