reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/
Effective URL:
https://reurl.cc/main/tw
Submission: On October 04 via manual (October 4th 2022, 6:49:43 am UTC) from JP — Scanned from JP

Summary HTTP 323 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 51 domains to perform 323 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 218303.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
40	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
34	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	212.102.50.58 212.102.50.58	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2600:9000:21c... 2600:9000:21c5:3600:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2404:6800:400... 2404:6800:4004:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
9	2404:6800:400... 2404:6800:4004:81c::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
2	23.10.15.101 23.10.15.101	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 8	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2600:9000:214... 2600:9000:2142:e800:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2404:6800:400... 2404:6800:4004:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:43a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.185.136.122 35.185.136.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3034::6815:6009	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2404:6800:400... 2404:6800:4008:c01::9d	15169 (GOOGLE) (GOOGLE)
4	52.68.234.1 52.68.234.1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3 5	103.43.89.4 103.43.89.4	29990 (ASN-APPNEX) (ASN-APPNEX)
4	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
6 12	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	172.105.203.31 172.105.203.31	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
4	34.117.219.39 34.117.219.39	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
7 23	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 4	103.254.153.160 103.254.153.160	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
6	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	64.120.88.131 64.120.88.131	133752 (LEASEWEB-...) (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd.)
6	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81f::2001	15169 (GOOGLE) (GOOGLE)
20	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2404:6800:400... 2404:6800:4004:801::2006	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:214... 2600:9000:2142:5000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	139.99.49.250 139.99.49.250	16276 (OVH) (OVH)
1 1	3.0.179.214 3.0.179.214	16509 (AMAZON-02) (AMAZON-02)
1	182.22.24.124 182.22.24.124	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
4	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	34.205.254.195 34.205.254.195	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.221.113.7 52.221.113.7	16509 (AMAZON-02) (AMAZON-02)
2	13.225.173.56 13.225.173.56	16509 (AMAZON-02) (AMAZON-02)
323	58

9 35.185.130.121 (Taipei, Taiwan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.102.50.58 (Tokyo, Japan) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-212-102-50-58.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:21c5:3600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:811::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:81c::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.10.15.101 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-101.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.201.76.93 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2142:e800:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:43a6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.68.234.1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

tw-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.43.89.4 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.96.119.68 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.105.203.31 (Tokyo, Japan) 6 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1857-31.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.251.42.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.254.153.160 (Singapore, Singapore) 2 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::2001 (Australia)

ASN15169 (GOOGLE, US)

76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4004:801::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2142:5000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.49.250 (Singapore, Singapore) 2 redirects

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.0.179.214 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-179-214.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.24.124 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Minato-ku, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.254.195 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-254-195.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.11.95 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.221.113.7 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-113-7.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.173.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-173-56.nrt57.r.cloudfront.net

cache-ssl.celtra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com 41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170	837 KB
58	holmesmind.com 3 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 116450 c.holmesmind.com — Cisco Umbrella Rank: 91749 fcm.holmesmind.com — Cisco Umbrella Rank: 119918 adcdn.holmesmind.com — Cisco Umbrella Rank: 113466 ad.holmesmind.com — Cisco Umbrella Rank: 84515 fp.holmesmind.com — Cisco Umbrella Rank: 114348 m.holmesmind.com — Cisco Umbrella Rank: 269955	233 KB
42	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171 cm.g.doubleclick.net — Cisco Umbrella Rank: 304 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	406 KB
34	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 79697 885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net	28 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	266 KB
18	appier.net 12 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 33563 gocm.c.appier.net — Cisco Umbrella Rank: 3834	3 KB
17	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 136	51 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	579 KB
10	reurl.cc 2 redirects reurl.cc — Cisco Umbrella Rank: 218303 storage.reurl.cc	20 KB
8	aralego.com 2 redirects ads.aralego.com — Cisco Umbrella Rank: 23455 sync.aralego.com — Cisco Umbrella Rank: 4213	4 KB
6	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 9439	89 KB
6	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 13296 adservice.google.co.jp — Cisco Umbrella Rank: 55951	2 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 492	127 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	4 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 708	720 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908	3 KB
4	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 844	1 KB
4	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 14452	680 B
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	800 B
3	mookie1.com static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 43404 tw-gmtdmp.mookie1.com — Cisco Umbrella Rank: 488696	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	celtra.io cache-ssl.celtra.io — Cisco Umbrella Rank: 14281	3 MB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1257 r.turn.com — Cisco Umbrella Rank: 5416	869 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1080	771 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	88 KB
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 63991	186 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 789	79 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	9 KB
2	re-news.tw storage.re-news.tw re-news.tw	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	34 KB
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 983	470 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	461 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 104171	680 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 7466	610 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 52022	660 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 2522	448 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 5398	622 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 820	356 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1009	677 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 16888	613 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1504	464 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 58254	515 B
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 611	5 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 7283	979 KB
1	alphaloan.co blog.alphaloan.co	133 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3762	305 KB
1	gbyhn.com.tw img.gbyhn.com.tw	173 KB
1	prnasia.com mma.prnasia.com	29 KB
1	racingcharger.tw img.racingcharger.tw	95 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	5 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 14367	723 B
323	51

	Domain	Requested by
40	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com ads.aralego.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
33	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
27	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
23	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net reurl.cc
20	s0.2mdn.net	reurl.cc s0.2mdn.net
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com reurl.cc pagead2.googlesyndication.com
12	ad2.apx.appier.net	6 redirects reurl.cc
12	www.google.com	reurl.cc www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	reurl.cc	2 redirects reurl.cc
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	c.holmesmind.com	3 redirects reurl.cc cdn.holmesmind.com
7	885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
6	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
6	cdn.aralego.net	reurl.cc ads.aralego.com
6	gocm.c.appier.net	6 redirects
6	cdn.jsdelivr.net	reurl.cc
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	adservice.google.co.jp	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects static-tagr.gd1.mookie1.com googleads.g.doubleclick.net
5	adcdn.holmesmind.com	cdn.holmesmind.com
4	googleads4.g.doubleclick.net	reurl.cc
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	sync.aralego.com	ads.aralego.com reurl.cc
4	ads.aralego.com	2 redirects ads.aralego.com
4	bidder.criteo.com	static.criteo.net
4	fp.holmesmind.com	cdn.holmesmind.com
4	fonts.gstatic.com	www.google.com reurl.cc
4	prebid-asia.creativecdn.com	cdn.holmesmind.com
4	ad.holmesmind.com	cdn.holmesmind.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	www.google-analytics.com	reurl.cc www.google-analytics.com
2	cache-ssl.celtra.io	s0.2mdn.net
2	onetag-sys.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	prebid.scupio.com	cdn.holmesmind.com
2	static.criteo.net	cdn.holmesmind.com
2	m.holmesmind.com	cdn.holmesmind.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	www.facebook.com	reurl.cc
2	static-tagr.gd1.mookie1.com	cdn.holmesmind.com
2	connect.facebook.net	reurl.cc connect.facebook.net
1	ads.yieldmo.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	fksnk.com	1 redirects
1	sync.fout.jp	1 redirects
1	r.turn.com	reurl.cc
1	ad.turn.com	1 redirects
1	trace.mediago.io	1 redirects
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	match.sharethrough.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.co.jp	reurl.cc
1	static.xx.fbcdn.net	www.facebook.com
1	tw-gmtdmp.mookie1.com	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.wixstatic.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	i0.wp.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	re-news.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	storage.re-news.tw	reurl.cc
1	cdnjs.cloudflare.com	reurl.cc
1	cdn.rawgit.com	1 redirects
1	storage.reurl.cc	reurl.cc
323	74

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-09-23` - `2022-12-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2022-09-03` - `2022-12-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-13` - `2022-10-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
static-tagr.gd1.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-03` - `2022-12-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
re-news.tw R3	`2022-09-02` - `2022-12-01`	3 months	crt.sh
*.gbyhn.com.tw E1	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
tls.automattic.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-30` - `2022-10-27`	6 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.google.co.jp GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-13` - `2022-11-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-08-05` - `2023-09-04`	a year	crt.sh
celtra.io Amazon	`2022-08-02` - `2023-08-31`	a year	crt.sh

This page contains 51 frames:

Primary Page: https://reurl.cc/main/tw
Frame ID: E3C90C1327B84247B86EC65A69576686
Requests: 56 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A57C343BB60180CAD9F49DD04E2B80DD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 2C38949B0FF8BB3CE457029381FC0D98
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 26B9872DC10B8B02715E4F5FF453A8D4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 8BAB6788A369D4221BE8D73AB469219A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 394D65B769AD2BC8E2BB31F531AE27B2
Requests: 10 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 2EA173AA02B6A90836A37764A087F221
Requests: 11 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 2667DD7EE502F008E33B25756C71D0C1
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 2C124DA36C45C6D5A8D70549A6E01021
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: AF4F63CF5E2FCD5F4FF8ADAEE608A8EB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=amivyle6ona2
Frame ID: 1871E38E4DBBAA3F06825700B032D077
Requests: 7 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: 762BC55041674C283D9D05EABA15C342
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: 95D34FB3129912F32AD349BFE03C8102
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Frame ID: 19CA5E7B745F5B656112A1B769024466
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1664866178&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866177903&bpp=2&bdt=287&idt=337&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5686070854853&frm=20&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866178&ga_hid=1149298176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070101%2C44774606%2C31067825&oid=2&pvsid=4222929635518223&tmod=1807624812&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=352
Frame ID: E4AC01454CE6D15CFC44CB413C2C3263
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 70173F2E5957F0BC3C9EA180CCD12EF8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 4572F2D85E1F9F9F88086E484F733D90
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1F9A4033E12545BD790143A256D30165
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 52B60E3D1C8C4EE09A02AE057EB9D95E
Requests: 20 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 69458F078124AEDD80A051DBA207218A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 89D382EDEBD55324ABDBAD3B8F9C788D
Requests: 19 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 927139EE6BC425E35D64E4B34A95EB3A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: E25690FB48C02E3041FBFDCA4FC1E790
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: F256F0F54A9BD5333F8F89AE9B89E266
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: 70622C475A6658B25AF11B471347658F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: AF09F11EC39E9BD679E6D8F330E9AF61
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: 32DB1FC2A08303A151F16EFE1F7346C8
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: ABECADCE0223380DFC38D7EB970F7E4A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: EC588A4158EE9365547A80D07D5EAEE2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2F13FCD79B5CAEA2D6F31427FB353064
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DC172E872020F298F6871E05C48EDBA6
Requests: 8 HTTP requests in this frame

Frame: https://76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 2918E0726C24E6A2FA25AEC70B196B5B
Requests: 1 HTTP requests in this frame

Frame: https://41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: CC0BEA67F893E0F99BF0C8A01C31B021
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=3215738614&adf=2645242783&pi=t.ma~as.2784%2F13803&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180413&bpp=20&bdt=594&idt=233&shv=r20220928&mjsv=m202210030101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=1794793696&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=935&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=793419206&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531706%2C31070102&oid=2&pvsid=4025329472131933&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vmxe9ay402ds&fsb=1&dtd=246
Frame ID: 763E0923E4B13CD63E5B22794B495C53
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236
Frame ID: C8E36A64C2548AB7F710741512FFB428
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNVXQw1fw2PrP2zSZbtFc5bPE3CFcL0292YTu9bsnEG3zU8iUSt_M2xjo_u09O-nrOgOu82JTNdlk18EgKV4K5TA9EBu4w
Frame ID: 9C7ADEE23D8CE11B3950882E51CB4C5D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNXtbqYwe8htk8txKfYpFMzVuKpLFsImLsVTngpWAgx2LGOHVSmCS7-7hGXU_YNNR8_qRxTUHWCQg_1s44tr15RUfzdhlA
Frame ID: 70836D6C2C6654CA01823F209D3BFF8F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C81A57E55EF2494BB78BC611E09E37A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 839BE0A41B5D42BF0F436343AB631BCA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 665ACD55FEC8E125056797668202138E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFE14DDA1EB3454098537542CE62616F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5F85FF3F8AB2CDB26344C53AC3D57202
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 15A8CC3A473FEDA008923557725E020A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
Frame ID: 168DB94FE1A80204E6FC70B25667B629
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27FEAC79BD2F86DC5DEB3B079E85B335
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E753E195EB2070C13F06291E04110403
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
Frame ID: 65B92192C410326AEA75EB768136CB43
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4CFAED08B964E7F22D386FE97EE13503
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE0C26B4BE8C50CA82C739894F7CB4BB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71E423AFF7B99E594AE336FE766C9D56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E082C1C1E50A33376BDFB66F640D18F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

323
Requests

89 %
HTTPS

43 %
IPv6

51
Domains

74
Subdomains

58
IPs

7
Countries

7577 kB
Transfer

11536 kB
Size

59
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://imgus.cc/
Title: 縮圖片

Search URL Search Domain Scan URL

URL: https://youtils.cc/yt-dlp/main/zh-hants
Title: 下載youtube

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: 什麼是utm?

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/32385

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/3890326_TW90326_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/285308

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/43046

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/5830

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25070

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/63350a4eddbc4f91c4d8ab20

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Request Chain 29

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 35

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 38

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 72

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEHYw7R-OYFw4ti4Jdq-Skgo&google_cver=1

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEIU5L0ugrpGJUaGo6aJmFxs&google_cver=1

Request Chain 136

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

Request Chain 137

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

Request Chain 140

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

Request Chain 141

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

Request Chain 143

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

Request Chain 166

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

Request Chain 167

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

Request Chain 224

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1

Request Chain 226

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzvXhQizfnX6eBxt21jUhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhyJgVU4fshXo7YN56CXgQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhyJgVU4fshXo7YN56CXgQ%26google_cver%3D1

Request Chain 238

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2NTg5MjI2MDE4NDcxMTI5Nw%3D%3D

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDSi58DbpUTPmmsJ6H4bsAI&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDSi58DbpUTPmmsJ6H4bsAI&google_cver=1

Request Chain 240

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRjYmQ2ZTUtZDc4MS0yZDQ5LWRmN2UtNzdiZTE2NzFhZGQ5

Request Chain 249

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESELYmBNL38XBkNmqEXtKiP6Y&google_cver=1&google_push=AZmPxg9AhCuHE45kqB3QFLlcxBSue6BL3X2dRjeQTS23H1wNEgoP05zVU1lV0AtuKMDHcpikx5Dkinaf78owBrrxdRLOzEjbgCbD9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9AhCuHE45kqB3QFLlcxBSue6BL3X2dRjeQTS23H1wNEgoP05zVU1lV0AtuKMDHcpikx5Dkinaf78owBrrxdRLOzEjbgCbD9w&google_hm=eYYxB4ZdSze32oMpq00Qhbw

Request Chain 250

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMfGraF9UGoVFN0sv8-ipAM&google_cver=1&google_push=AZmPxg8oDClNY0LqRFnW-m-waw0G_R_dHrekAC6dJuk5psl5XK5kjeX_TqKHmgr82S_p7x_wJEz587sBbmrOzx9EfEf8Uy82Lh8JpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8ed1d807&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg8oDClNY0LqRFnW-m-waw0G_R_dHrekAC6dJuk5psl5XK5kjeX_TqKHmgr82S_p7x_wJEz587sBbmrOzx9EfEf8Uy82Lh8JpQ

Request Chain 251

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ_Qes1EC2fyZ9YYsMXQrNw&google_cver=1&google_push=AZmPxg-MUM_HdBbyYGECXOgyScCaehhItnfdhCjnKMC2wqe8rGFnPEnItwA3O-sScQk3v9ZSrjSI252M4jBDe62rITkncaiVNdG2Pw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-MUM_HdBbyYGECXOgyScCaehhItnfdhCjnKMC2wqe8rGFnPEnItwA3O-sScQk3v9ZSrjSI252M4jBDe62rITkncaiVNdG2Pw

Request Chain 252

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEITCfPEk_Oz3LLg-jxgKxUI&google_cver=1&google_push=AZmPxg_g-paU9XIe6Lw8B0Xdaw04YvQosiVivy1v6DHBSoBHn75BbE_-ZsdaRyhPQtafdpoLq7nHOxTAWd-Hjx2q-HdnHgZXCvx9iA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGY1NTdjMjYtZjFlZC00NmYzLWE0NWYtZjRhODM1YTczMzkz&google_push=AZmPxg_g-paU9XIe6Lw8B0Xdaw04YvQosiVivy1v6DHBSoBHn75BbE_-ZsdaRyhPQtafdpoLq7nHOxTAWd-Hjx2q-HdnHgZXCvx9iA

Request Chain 254

https://trace.mediago.io/cs/google?google_gid=CAESEGmEERWEO8Gpb9eqW5o9F3U&google_cver=1&google_push=AZmPxg95feq1rZmA57iF5_1tYO7BFei_pmwtDph19ag3X0pFwCt2cwgC8JckEIoJaI_4ux0pePkWvl522dUP3emV0pThB2-VVPUvIMs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg95feq1rZmA57iF5_1tYO7BFei_pmwtDph19ag3X0pFwCt2cwgC8JckEIoJaI_4ux0pePkWvl522dUP3emV0pThB2-VVPUvIMs&google_hm=0ce22d41943dda7d0280c21ba1ed7902

Request Chain 259

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEILhPkWo9mpCVaKpCM55shc&google_cver=1&google_push=AZmPxg8T6I_9Ss3n_s33TOV5k18cB-z_uqmCHsmWK-Stz6W95PKO3129AUNWoMdC-zrXqUccB3KZdSx6gauBDQW_NoDEqO5IPpCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5ODEyOTc3NzM2NzMwMTIzOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILhPkWo9mpCVaKpCM55shc&google_cver=1

Request Chain 260

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESECLXZUYKGUEzBPAVBOwNmIc&google_cver=1&google_push=AZmPxg9H1NP5bq08FpNKe1BTYuyh6cIzcUPJdos-ZMm3p5-SD7A3A6zHOw2m3wqWSfU7hN09PWRv1V1P-KOw4ovsiU_e6TaxVT0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg9H1NP5bq08FpNKe1BTYuyh6cIzcUPJdos-ZMm3p5-SD7A3A6zHOw2m3wqWSfU7hN09PWRv1V1P-KOw4ovsiU_e6TaxVT0&google_hm=UXhWdGZobGFaTVpUdlFBNTF2b0tYLUZfc1hj&from_google=pc1

Request Chain 261

https://fksnk.com/cs/google?google_gid=CAESEIKlJ7Ajq2RNN4xbcZvFFI0&google_cver=1&google_push=AZmPxg_1hF1PeUh_W0ZYE_q3z5kh121tDizbdyfHBPJry6fyzCrSOhoLBVok14HqXXki4uprw7sD3X-YZGkq0fMs0jKimTU8dnkS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0NFMzFBRUY5MTVCQzdDMg==

Request Chain 262

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDtf6CIo5yoBx0EP0OaPf4Q&google_cver=1&google_push=AZmPxg8W_tHEZLIP60M1nSktce3S2mJjCmnNc40PD76Jprg0e6Q_UTGXZtln-RG22-j5HhlHezSrpdsrv9bHYRkdyA4xvlkruBoh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg8W_tHEZLIP60M1nSktce3S2mJjCmnNc40PD76Jprg0e6Q_UTGXZtln-RG22-j5HhlHezSrpdsrv9bHYRkdyA4xvlkruBoh&google_hm=NTBuNm5mMDBiQkRHYTAwN3lwUlc

Request Chain 263

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM-129ykhWB2sF2SkBSqtiE&google_cver=1&google_push=AZmPxg_dsAmBJIO-IEaiv8Oc0lGZglvMhMNbP0_TBKbdIweRGF5dSUwK4d0-aD4FSkB_kdwvMkNhquGG-OXP4LROHN5AygtC6Z8z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhUVUM3RDEtMUktTTRFNA==&google_push=AZmPxg_dsAmBJIO-IEaiv8Oc0lGZglvMhMNbP0_TBKbdIweRGF5dSUwK4d0-aD4FSkB_kdwvMkNhquGG-OXP4LROHN5AygtC6Z8z

Request Chain 264

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ_Qes1EC2fyZ9YYsMXQrNw&google_cver=1&google_push=AZmPxg-3rNcaIN5V__wWgCYzzbAvza0SPogyDp0zj1rV6zUy26F82vK3J-imt9WVWrVWiVMoMsayJPwq5FIBFf1I9YG8MXRkGd_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3rNcaIN5V__wWgCYzzbAvza0SPogyDp0zj1rV6zUy26F82vK3J-imt9WVWrVWiVMoMsayJPwq5FIBFf1I9YG8MXRkGd_A

Request Chain 265

https://ads.yieldmo.com/exptsync?google_gid=CAESEDhETgpUp9dk4gN9xJecCJ8&google_cver=1&google_push=AZmPxg_maZAYH3fzOMJ_--d4elX_P6pVcu4CUEdz56Mp5MijNEWF7i9wQ9Y0WyOwW5e9vVYQxlklrOhNHYqYNNbkQNjHJ8xLCY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_maZAYH3fzOMJ_--d4elX_P6pVcu4CUEdz56Mp5MijNEWF7i9wQ9Y0WyOwW5e9vVYQxlklrOhNHYqYNNbkQNjHJ8xLCY4&google_hm=Z2JhMTQzODg2NTk0NzM0Mzg5MGQ=

323 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tw Show response
reurl.cc/main/
Redirect Chain

http://reurl.cc/
https://reurl.cc/
https://reurl.cc/main/tw

14 KB
5 KB

61ms
61ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cd5ab7c7306798deef3df999f76cbcde7ac2e7e51b6bac60c36da4250151b79f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:37 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

content-length: 31
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 06:49:37 GMT
location: /main/tw
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
24 KB 41ms
17ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3310730
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-cdg20721-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImFc0MSvPJPZ4Ps2aXe0eq2O8tIdvaj3LWmTidTQs05h0GJbytT%2BHSqsdCO1wNXJfOtGGhtRPcEih4DOe7W342FI8z02IQILfdZGc%2BVTl%2BT%2FG1ZOlQsQfBPGR%2B4O%2BDmNWGYvUZLO8XadrqnfdIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 754bfa8a4991af48-NRT

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 89ms
4ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 03:44:56 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 11081
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 102ms
62ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16ffdbe815b341deb7bbc1b8f826f40ec15d27ec797e68d93376db939a72e9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54637
x-xss-protection: 0
server: cafe
etag: 4779668196233712237
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:37 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 470 B
559 B 69ms
62ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-1d6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 06:49:37 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
2 KB 102ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:37 GMT

GET
H3

200

clipboard.min.js Show response
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

11 KB
4 KB

35ms
34ms

Script
application/javascript

2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12508618
x-jsd-version: 1.7.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA, cache-itm18829-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HWJKZNIXOXpQc4skuQ%2FJe%2FDlrV3ZEhVYxfwYMUnQNxwREr460f4eP%2FmkvskrQXDRUilSXf3herjjAMaephqgwguoA36SxQTCQ3aRhd69q%2F952GZNwxdTcHN8rBy5Ph3b9FT1SxQpqT5TE0WrSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 754bfa8c1b0fdee7-NRT

Redirect headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 948
age: 76710
x-cache: MISS, HIT
cdn-cachedat: 10/04/2022 06:49:37
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 113
x-served-by: cache-fra19130-FRA, cache-chi-kigq8000137-CHI
server: BunnyCDN-JP-948
cdn-proxyver: 1.02
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 0c03ac13ddb5b90bf50ebaf08cccfdc4
timing-allow-origin: *
cdn-requestcountrycode: JP
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 14ms
8ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2862560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0aGuMpqnEubaOjwVgHMWrROmSun%2FKtsFuBHYbDLNH8LTx3DLbOE81ACuT4vosImPlvuGYesUDd6FZfYq49Bag3jtQ69XN%2BVGhuN%2BZnZXV97KjiQ0AAGr%2FTS38HF9ZS8SPfGEG6EP2OOEXoEECXM8YVs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 754bfa8abac1dff5-NRT
expires: Sun, 24 Sep 2023 06:49:37 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 65 KB
18 KB 10ms
9ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17633
x-jsd-version: 9.17.2
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-tyo11964-TYO
x-jsd-version-type: version
server: cloudflare
etag: W/"105f5-IoZ47xa2VqsB8s6EqlY9hdo2pRY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pINvYU7gKlK6eLIobSVTaoa5W5O01hsQHUm%2FkjJusPnvcpTavy4OQtlsNaRpa%2BJacMKTgqYOhbrrnjOgXUWuUUI1oE9pTykGmu1TNJMePTmFNWhwLXu9oRWLJMAtyeDGccf93LcznqEBlqRPX1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 754bfa8aba24af48-NRT

GET
H2 200 FileSaver.js Show response
reurl.cc/javascripts/ 12 KB
4 KB 59ms
58ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/FileSaver.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-2fce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 06:49:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 102ms
64ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b18fc7710b8125dbc17abd2d9824c1e96f2b54d62697b5b692e9c95273af81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54635
x-xss-protection: 0
server: cafe
etag: 9403653189672568763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:37 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 86 KB
32 KB 36ms
15ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12512717
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA, cache-iad-kiad7000082-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKSB%2BUUOiNaGCRogk3SKY9AxmMejAj6cTSYuCttWs%2F5LMlgehMGmrtjQkJXyHQio09vyYKqns2ZfaUhJfsPOkoWfsd3SGu32alsrN0%2FGRx4BxxUW7Rlyf6RBCYU0L0beUQ%2FhmYsqFz4Jl2MN6O0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 754bfa8a4996af48-NRT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
16 KB 39ms
18ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2871145
x-jsd-version: 4.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19139-FRA, cache-cdg20743-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BgjPLfenv23L48qd3GL0Ljkdi1gCHmSm3FNOHsq43aufLrTGVOw44fknQzHuIaxlLXDl%2Fk6MA4uuAvefEpmoD%2BAJ0JTIxcvoyABaqJIMn30izzdqlfrxNYte516KpCkO3Aa17oOpmUsZBXMet4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 754bfa8a4998af48-NRT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 40ms
20ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12519255
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19175-FRA, cache-iad-kiad7000031-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuraeUv0GlGvpDBLdZpPvMXOqp071a9t7KNGVAXsIn5qnPS2lY%2F5vvvGt45uVQRjudpOmqnAmnIYTYA1VJZhTS7AO8EtoiWiQiYFZ9cegIEXbK8sWHsjkM6EZ4Ut4apbddcGrHnCAjYVsc6cOCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 754bfa8a499baf48-NRT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 7ms
6ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Tue, 04 Oct 2022 06:48:52 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 46
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: HSOOY8rXS4GmdT1XQbPPKnqrUQvRFkWvUx8d-osK0K7VM3ZEPEq5BA==

GET
H2 200 vue-qrcode.min.js Show response
reurl.cc/javascripts/ 18 KB
7 KB 67ms
62ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-470c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 06:49:37 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
969 B 91ms
42ms Script
text/javascript 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

379258bd378f7651e24441891fb0b24cd8c89f46a92e4b8364692a5ac023b9d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Tue, 04 Oct 2022 06:49:37 GMT

GET
H2 200 main.js Show response
reurl.cc/javascripts/ 6 KB
2 KB 67ms
62ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/main.js?v=15
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0a0c38a5360cea04600fda81109a0aa60740cc6e182342ebab6029405d19eab9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 01:29:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"633797fc-1966"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 06:49:37 GMT

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 698 B
561 B 66ms
62ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-2ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 06:49:37 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 618 B
588 B 66ms
63ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-26a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 06:49:37 GMT

GET
H2 200 rwd_cap.js Show response
cdn.holmesmind.com/js/ 41 KB
41 KB 93ms
54ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rwd_cap.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: BN9WwPCNLHdSgIvzd1_opxGo9OZ3hU5f
date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 02:02:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
etag: "8fdf120a4b0155367b0b2347946ccc01"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 41735
x-amz-cf-id: yvJ1yQHJJz6tL8Kjr2G9FDhm78yjiSQv-WAi-_mWfp1zDsUpoyw5sg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 12ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 06:49:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oy9ytRi3RTENgjw7TGGTwbjyG31zM0BYooBKlhQiCPagfBJpPYdx0Qh8wHo2qf26KuCgi2GUXwGOXgbkHRfpxw==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 389 KB
156 KB 49ms
6ms Script
text/javascript 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 18:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 18:44:51 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 6 KB
6 KB 132ms
42ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 99616e8fd74582c6f0be1c2e14e8ddabcca1f5388fb7be2a69231d9348f8f286

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1690-fDdQz6NBBUld8QEx3dvJo8FD7uA"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5776

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
5ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 05:38:56 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4241
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 04 Oct 2022 07:38:56 GMT

GET
H/1.1 200
OK tagr_lib_learn_tw_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 200ms
3ms Script
application/javascript 23.10.15.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_tw_v3.js?tagid=V2_98222&id=ClickForce_Learn
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.10.15.101 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-101.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:38:37 GMT
Server: nginx
ETag: "57999a5d-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H/1.1 200
OK checkSegmentsNFI.min.js Show response
static-tagr.gd1.mookie1.com/s1/sas/lh1/ 1 KB
843 B 201ms
4ms Script
application/javascript 23.10.15.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.10.15.101 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-101.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 14:26:27 GMT
Server: nginx
ETag: "581b4913-428"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 552

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame A57C 5 KB
5 KB 9ms
9ms Document
text/html 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 22
content-length: 4730
content-type: text/html
date: Tue, 04 Oct 2022 06:49:37 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
x-amz-cf-id: un3gOLlVA3-iTfRNz1Vww2TeO9w_1W4ULyyAj9gpxNrt4rAcX1HuSg==
x-amz-cf-pop: NRT57-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1013 B 9ms
9ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:52 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 46
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: ITd4cygA7Upqgdqur9j7XMt3fKrJ-VVzBaDoH835IwUryNs1SVqwHQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 2C38 9 KB
10 KB 7ms
7ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Tue, 04 Oct 2022 06:49:16 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 22
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: Nw9nVt_PWM9gnxALbQrpj_LWaNpbjPbBXoQMOWxwLh55qUEuzzib8Q==

GET
H3

200

cm
c.holmesmind.com/
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

176ms
160ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 26B9 15 KB
9 KB 201ms
184ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70bb57e420dc8be5ddc319383c340e075ee0818b200d3b435b817473cb33bfe3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 04 Oct 2022 06:49:37 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7lDSmodNCZHN9kacVVaYlVp6DxeoG3vNf04GHUNSmD8iCSrILHYdkZyDf/oSe47ZTvDs5X1+QHfDZcxTt3WvOQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 8BAB 5 KB
5 KB 6ms
6ms Document
text/html 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 22
content-length: 4730
content-type: text/html
date: Tue, 04 Oct 2022 06:49:37 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
x-amz-cf-id: uVL12wOOjRsOvtE9IVfqSM8plihf-teya4xlUR3Y1d9U5jLpVpZFwg==
x-amz-cf-pop: NRT57-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 394D 9 KB
10 KB 3ms
2ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Tue, 04 Oct 2022 06:49:16 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 22
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: O8IZfhaeSrA9zBuZdx7nP4HxBFKchcy6UW9SC3wYBPf-069BmU4fyQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 2EA1 9 KB
10 KB 3ms
3ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Tue, 04 Oct 2022 06:49:16 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 22
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: rP5GeEDf0BUwaIhOPWTDxqTEs6SLUpfy5gvfgmxdB0-XBQdFGBymEw==

GET
H3 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 9ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bf75136727678281c6a22a70b076465805bd0364caafb5e0f223e55faadbd73

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 06:49:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7344
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: h82y5Nv+MQ843M1RHp3VwKpPPxOlfO/4Bhnbf9gGCUBEFu6bxsucJEOZs1CwhAYvm7Y+L+EAOAiZKqbhz0vmxg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame A57C
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

180ms
163ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 2667 39 B
191 B 175ms
167ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:37 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A57C 5 KB
2 KB 34ms
34ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:37 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame 8BAB
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

182ms
163ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 2C12 39 B
97 B 3137ms
3136ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:40 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8BAB 5 KB
2 KB 33ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:37 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 2C38 661 B
672 B 90ms
4ms Script
text/html 2600:9000:2142:e800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12684
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2142:e800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4df844aeb1bfe309f06fc5649a9184e530ed746bb1209a3f3c7dd8b52c49814c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:44:34 GMT
content-encoding: gzip
via: 1.1 7c3e8304b6c3c0dabcdeb3243f709cb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: NRT57-C3
age: 303
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: zgEmoVg2VwUGlr0a1vrkdsYxIXc2VkD2jW54vzaoEk4G_OJ0_twuIg==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 394D 536 B
633 B 89ms
4ms Script
text/html 2600:9000:2142:e800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13858
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2142:e800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:42:43 GMT
content-encoding: gzip
via: 1.1 7c3e8304b6c3c0dabcdeb3243f709cb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: NRT57-C3
age: 414
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: _uZB_umqymhlUpME7JX30ETkAJdtPRDvXw6K2guCZUoaOur6_Hb_5w==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 74ms
36ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1149298176&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1235366292&gjid=1212017802&cid=120190530.1664866178&tid=UA-102456694-1&_gid=1136600144.1664866178&_r=1&_slc=1&z=598633670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
3ms Image
image/gif 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1149298176&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MjE3LjEzOC4yNTIuMTg4&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=120190530.1664866178&tid=UA-102456694-1&_gid=1136600144.1664866178&z=592144868

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 16:01:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53297
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 2EA1 606 B
647 B 79ms
6ms Script
text/html 2600:9000:2142:e800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13860
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2142:e800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:42:40 GMT
content-encoding: gzip
via: 1.1 7c3e8304b6c3c0dabcdeb3243f709cb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: NRT57-C3
age: 417
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: Zyv1UmOclP9-ljUZ0LDGBvkgR09-tmlAA0JgPT_iGiW3fUmrLIjZew==

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
400 B 35ms
35ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b288abf726128b05c6d09df7dcec96fa7a6cd8f0924032d479e6f161ae0115df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 7ms
7ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rl=&if=false&ts=1664866177853&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664866177852.1454272629&it=1664866177812&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 06:49:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
123 KB 144ms
106ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c293a88b3450b0ac123f70a2b74b7bac240b0f95d2a0a149de0b6e8743f1b64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125829
x-xss-protection: 0
server: cafe
etag: 13413978140717196149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame AF4F 10 KB
5 KB 46ms
4ms Document
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 61420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 13:45:57 GMT
etag: 9671129459699598864
expires: Mon, 17 Oct 2022 13:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
47ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20jq%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A245%3A323)%0Aat%20iq%20(adsbygoogle.js%3A244%3A454)%0Aat%20pq%20(adsbygoogle.js%3A251%3A365)%0Aat%20c%20(adsbygoogle.js%3A252%3A38)%0Aat%20qq%20(adsbygoogle.js%3A252%3A158)%0Aat%20Bq%20(adsbygoogle.js%3A261%3A255)%0Aat%20rq%20(adsbygoogle.js%3A258%3A89)%0Aat%20adsbygoogle.js%3A253%3A54%0Aat%20n.ra%20(adsbygoogle.js%3A124%3A797)%0Aat%20jk%20(adsbygoogle.js%3A129%3A1037)&shv=r20220928&mjsv=m202209290101&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070101%2C44774606%2C31067825&client=ca-pub-2473403521176190&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1871 44 KB
23 KB 98ms
57ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=amivyle6ona2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb3afd6f725fa4936e47d9090080bf09d11f753debb8171a39cba44992a31644

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tyNlUu5xyxp68E6-ywTc5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23664
content-security-policy: script-src 'report-sample' 'nonce-tyNlUu5xyxp68E6-ywTc5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 39ms
38ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 2022100403383025.jpg
img.racingcharger.tw/wp-content/uploads/ 94 KB
95 KB 103ms
13ms Image
image/jpeg 2606:4700:3032::6815:43a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022100403383025.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:43a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec39f2dd01910076f860ac5dd6f4f31039deab7aded42581eb14ab83b4f7b41

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 03:38:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9379
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRIiwYTxylIehuCGeRHWvR6dCOphl0kMGyC9%2BQRbgOFROEwIcJV70ATbU7O%2FhhdxRiwEjTh%2BLUxymWtdv2%2BnaG6ib%2BIeKt4qSoanFpWhxcZdK4UmoR1G7I%2BFsbiOyoXDlny8v1CI%2Fr5hcfSvOWPVrdR4lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 754bfa8cbede80d2-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96188

GET
H2 200 Addteq_APAC.jpg
mma.prnasia.com/media2/1912478/ 29 KB
29 KB 33ms
17ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1912478/Addteq_APAC.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 584817003be05eb175bc89f04f6f3d5715376d63f6ea47c319e69cf9c0299b4e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
cf-cache-status: HIT
age: 1675
x-powered-by: ASP.NET
server-timing: intid;desc=1ceecdd19ddafca3
content-length: 29230
cf-bgj: h2pri
last-modified: Tue, 04 Oct 2022 06:20:12 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 754bfa8c3cce80cb-NRT
access-control-allow-headers: Content-Type
expires: Tue, 04 Oct 2022 06:20:13 GMT

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 326ms
102ms Image
image/png 35.185.136.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1664795447-6f89095d11c4f1c2f18d6bfec45a7604-840x525.jpg
img.gbyhn.com.tw/2022/10/ 172 KB
173 KB 88ms
21ms Image
image/jpeg 2606:4700:3034::6815:6009
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2022/10/1664795447-6f89095d11c4f1c2f18d6bfec45a7604-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab5c98cd2ebe349135994b1d8ce5b356a88cea517868c16345aa132e9a89e41c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66947
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176235
last-modified: Mon, 03 Oct 2022 11:10:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VE4QAT84EAEKJNnT6qo5kcjZlVETG7Y6cV34TibOKmxakcdrgIf3FoKedpF%2FlthRQHE8dAGSLT1BzSRyBqC1xRaJC1U5ZfHtxu7W6dl%2FKHSi25Non9hokVLAx2hcI5grKa%2FOYRssQPpA6QNJdfRL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 754bfa8c98f080d7-NRT
expires: Mon, 10 Oct 2022 11:11:17 GMT

GET
H2 200 S__40976621.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/07/ 304 KB
305 KB 10ms
2ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/07/S__40976621.jpg?fit=2048%2C1365&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b8fe424887643513e694390df25cc96c1e15259f226ae89f67210d201ac07ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Tue, 04 Oct 2022 06:49:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 Oct 2022 09:55:59 GMT
server: nginx
etag: "f78848471542780b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/07/S__40976621.jpg>; rel="canonical"
content-length: 311322
expires: Wed, 02 Oct 2024 21:55:59 GMT

GET
H2 200 %E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%8...
blog.alphaloan.co/wp-content/uploads/2022/10/ 133 KB
133 KB 230ms
151ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/10/%E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%EF%BC%9F%E5%85%8D%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E6%96%B9%E5%BC%8F%E5%A4%A7%E5%85%AC%E9%96%8B%EF%BC%81.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=31536000
x-ac: 3.nrt _atomic_bur BYPASS
last-modified: Mon, 03 Oct 2022 04:45:24 GMT
server: nginx
etag: "633a68e4-213ff"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 136191
expires: Tue, 11 Oct 2022 06:49:38 GMT

GET
H2 200 file.png
static.wixstatic.com/media/8d2acb_a70e33dbf569492da4ee50aad95882a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/ 978 KB
979 KB 23ms
6ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/8d2acb_a70e33dbf569492da4ee50aad95882a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 62b1f0416c870a765b275a92d20b350ba2697d40004df32d8684d0ecbee11cad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 04:00:20 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 355757
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1001218
wix-tracer: 2FTK1nH3momTjnPnQ9XXF4o7J5g
x-seen-by: image-manipulator-5cdc794f79-lkpdc

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 130ms
39ms XHR
text/plain 2404:6800:4008:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=120190530.1664866178&jid=1235366292&gjid=1212017802&_gid=1136600144.1664866178&_u=IEBAAEAAAAAAACAAI~&z=201008405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 06:49:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A57C 36 B
406 B 38ms
38ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d562e2db81cf5d2baf4d0b8c5915b09228eacb7c9d6244369833f3eb3a75dc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 8BAB 36 B
406 B 38ms
38ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d562e2db81cf5d2baf4d0b8c5915b09228eacb7c9d6244369833f3eb3a75dc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 394D 2 KB
990 B 123ms
31ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=907&o=1&d=1&b=2&ts=1&ii=3&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e5604c04b2b6c10df020ef9895c12d285291549ad870cc17e4d148e67725d1d0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 394D 3 KB
3 KB 7ms
6ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 20
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 2OA-IBjXHR1mYddf41zJuIuTTMImCIKubhvwCP8LqJAbhSlLKdOagg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 2EA1 2 KB
1009 B 119ms
28ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=495&o=1&d=1&b=2&ts=1&ii=3&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b9c633ec99609ca505f411564dcff965e53a1114c7953375ad457706df7ff319

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 2EA1 3 KB
3 KB 5ms
4ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 20
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: MNzS_isaT7qxTPOlgK9eZ2nB67ioU8uRZSm3h400mNr9nDUCKIviuA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 2EA1 3 KB
3 KB 5ms
4ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 20
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: lmRMoWwR-E4mVCDrckgWowry_zpM5Tu0X--wvvAAyn2pmZ5K-_99cg==

GET
H2 200 learn
tw-gmtdmp.mookie1.com/t/v2/ 43 B
641 B 71ms
52ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=reurl.cc&src.url=%252Fmain%252Ftw&src.id=ClickForce_Learn&src.rand=6039989009
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
664 B 240ms
84ms Script
text/html 103.43.89.4
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=1990866455

Requested by

Host: static-tagr.gd1.mookie1.com
URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 06:49:38 GMT
AN-X-Request-Uuid: 9fb4982b-b020-4491-970f-eb008bcc990e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.252.188; 217.138.252.188; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2EA1 0
170 B 273ms
91ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 394D 0
170 B 272ms
91ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2EA1
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

2 B
19 B

130ms
124ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame A57C 30 B
278 B 42ms
41ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 8BAB 30 B
278 B 41ms
41ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 sOZEwCX9p1L.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/ Frame 26B9 19 KB
5 KB 35ms
5ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/sOZEwCX9p1L.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dede984ccfbc82ba4591290ef567d7ca7de716e47cde227bab2fc493fbca6f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rEpQ+WIZF8ex7K/nVQbHSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4910
x-fb-rlafr: 0
x-fb-debug: T6IA+YDLd/avbjKmzVaDEBWKUCy/n5tJFfYvso39SKjWUf8b+K0En4T6dW7wRuvETNgTFWpLr71dC5Y6P/KrDQ==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Oct 2023 18:10:28 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 1871 52 KB
24 KB 42ms
3ms Stylesheet
text/css 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=amivyle6ona2

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 00:04:49 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 1871 389 KB
155 KB 44ms
5ms Script
text/javascript 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 18:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 18:44:51 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 2EA1 10 KB
10 KB 5ms
5ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=495&o=1&d=1&b=2&ts=1&ii=3&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:49 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 50
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Oh9_ilKGXAb1xOUTJNdeo5MVNA_kUAhjrf8dYsvvt3cIn55miT6F7Q==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 394D 10 KB
10 KB 4ms
4ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=907&o=1&d=1&b=2&ts=1&ii=3&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:49 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 50
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: kj5Z0X1kVFzxweu7eMFoFT9DxxHMFvAa0KtRib4c2maneIWVBDSmlw==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 44ms
44ms Image
image/gif 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=120190530.1664866178&jid=1235366292&_u=IEBAAEAAAAAAACAAI~&z=1738110536

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 90ms
47ms Image
image/gif 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=120190530.1664866178&jid=1235366292&_u=IEBAAEAAAAAAACAAI~&z=1738110536

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1871 2 KB
2 KB 3ms
3ms Image
image/png 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 06:36:07 GMT
x-content-type-options: nosniff
age: 173611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 09 Oct 2022 06:36:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1871 15 KB
15 KB 47ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:47:32 GMT
x-content-type-options: nosniff
age: 28926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:47:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1871 15 KB
16 KB 46ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:47:30 GMT
x-content-type-options: nosniff
age: 28928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:47:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1871 102 B
134 B 41ms
41ms Other
text/javascript 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9d9b6ad855e3519a6e1855e246f96ed682cac5ef46de032038c949615d1f5c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=amivyle6ona2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 04 Oct 2022 06:49:38 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 762B 0
249 B 109ms
45ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 394D 5 KB
2 KB 34ms
33ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:38 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 95D3 0
82 B 112ms
49ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2EA1 5 KB
2 KB 33ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:38 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 19CA 7 KB
1 KB 46ms
44ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a95e34a14ba43354909f31837c384802c155ae6908e632a91051df2fd271e7ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6EAdFtlKKRUQBYksivzCPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-6EAdFtlKKRUQBYksivzCPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
694 B 126ms
48ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-9999486404371312&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d82c821f7dd327af20b7e06792d77f9728cffe459af95d8d13e2ff8180c70437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 166ms
46ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
40ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
36ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4AC 603 B
68 B 92ms
54ms Document
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1664866178&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866177903&bpp=2&bdt=287&idt=337&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5686070854853&frm=20&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866178&ga_hid=1149298176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070101%2C44774606%2C31067825&oid=2&pvsid=4222929635518223&tmod=1807624812&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=352

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:38 GMT
expires: Tue, 04 Oct 2022 06:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 19CA 52 KB
24 KB 3ms
2ms Stylesheet
text/css 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 00:04:49 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 19CA 389 KB
155 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 18:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158844
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 18:44:51 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 394D 36 B
399 B 38ms
37ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d562e2db81cf5d2baf4d0b8c5915b09228eacb7c9d6244369833f3eb3a75dc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 42ms
42ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ 0
80 B 154ms
33ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 19CA 37 KB
22 KB 75ms
75ms XHR
application/json 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8975086a5c8d5d0e75985c5addc620c07f793f14b52e4a2e5c50870ac14d3856

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22917
x-xss-protection: 1; mode=block
expires: Tue, 04 Oct 2022 06:49:38 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 7017 6 KB
7 KB 4ms
3ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Tue, 04 Oct 2022 06:48:52 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 47
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: gZmrxf2V8GTl8HAmSZDDDaM59lNS-yzt9RAR3yLDCdWh71ztVxKb4Q==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 4572 6 KB
7 KB 2ms
2ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Tue, 04 Oct 2022 06:48:52 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 47
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: BzUGd32LId6_MkNrRvQePJQPTJPIr59OrfPQijCqU-ytr5mexp_M5w==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1F9A 5 KB
5 KB 4ms
4ms Document
text/html 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 23
content-length: 4730
content-type: text/html
date: Tue, 04 Oct 2022 06:49:37 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
x-amz-cf-id: 06d3A8Z5af9Lm_xe2SvC3wlKdNbEP29-f1EvmwRFSHGhzjZmM2nFzA==
x-amz-cf-pop: NRT57-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 7017 662 B
1001 B 4ms
3ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:52 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 47
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 1T9p79oFIJ28g4lna9gy1TpO1iukgKEi-qyn6nJ1a_oAoYe1cM1W0g==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 52B6 9 KB
10 KB 2ms
2ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Tue, 04 Oct 2022 06:49:16 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 23
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: 17jezBuNc7z-cI4fmqpTa16EBmarC6eihGjpb_wLOJfQp4pI2XYMuw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 6945 5 KB
5 KB 3ms
2ms Document
text/html 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 23
content-length: 4730
content-type: text/html
date: Tue, 04 Oct 2022 06:49:37 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
x-amz-cf-id: ugh5TX8wq9_t5oHASHXIWTOKPVeGpYEtKeq7-6nXYVX7ZGxUqei1Pw==
x-amz-cf-pop: NRT57-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 4572 662 B
1004 B 3ms
2ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:52 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 47
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: Kww_hWgpbNcPlYGUu1SzG9G0VwRcmnLdr5MdGYLEfR25q5eIuI4y9w==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 89D3 9 KB
10 KB 4ms
3ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date: Tue, 04 Oct 2022 06:49:16 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 23
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: usSxxs6W5IfjWTdfMr3sbcl7sWjZh-7nu_8VHAWPDS2zWBKVbm5ZTQ==

GET cm.php
fcm.holmesmind.com/ Frame 9271 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1F9A 5 KB
2 KB 35ms
34ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:38 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 1F9A 0
15 B 512ms
511ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 1F9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEHYw7R-OYFw4ti4Jdq-Skgo&google_cver=1

0
474 B

142ms
18ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEHYw7R-OYFw4ti4Jdq-Skgo&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
x-guploader-uploadid: ADPycdviBMVSzWbEHjpiDrrz7p6adx7T_GlUqzgM2Y14ct-BadZS_yR6FOyaQezWtz-1WD12yClLlX0fcSHoXFqwZl_hTw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Tue, 04 Oct 2022 07:49:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEHYw7R-OYFw4ti4Jdq-Skgo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 52B6 1 KB
740 B 9ms
9ms Script
text/html 2600:9000:2142:e800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13861
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2142:e800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:48:15 GMT
content-encoding: gzip
via: 1.1 7c3e8304b6c3c0dabcdeb3243f709cb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: NRT57-C3
age: 83
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: fGzqZm7gzI-gtXbciSXDqdo_G0v9hMDMAKW7odffOjF8A8asI7xaoA==

GET
H3 200 cm
c.holmesmind.com/ Frame 6945 0
15 B 506ms
506ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET cm.php
fcm.holmesmind.com/ Frame E256 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 6945 5 KB
2 KB 34ms
33ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:38 GMT

GET
H2

200

google
m.holmesmind.com/ml/ Frame 6945
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEIU5L0ugrpGJUaGo6aJmFxs&google_cver=1

0
139 B

145ms
21ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEIU5L0ugrpGJUaGo6aJmFxs&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
x-guploader-uploadid: ADPycds_0UzQ4AbPXeSF_B7krBvZwf6G6NHHFlDtVbVyh9niSK7nwbJ2nj2QzJLBrrPhe--2TuKz-Pu9KX1QRYrtcbVFqg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Tue, 04 Oct 2022 07:49:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&uu_m=undefined&google_gid=CAESEIU5L0ugrpGJUaGo6aJmFxs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 89D3 1 KB
736 B 8ms
8ms Script
text/html 2600:9000:2142:e800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13859
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2142:e800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:48:15 GMT
content-encoding: gzip
via: 1.1 7c3e8304b6c3c0dabcdeb3243f709cb0.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: NRT57-C3
age: 83
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: WQccULOG4bLOgaYo8iInzQ-xW13hNJqhX4PGIIAlL0Y_sEfaFR5hRw==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 52B6 2 KB
1 KB 38ms
35ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=186&o=1&d=1&b=2&ts=1&ii=2&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c0c9b8b74d1adc173f31e26ad5bb6c6cc8f9ea03da924c488ddec4a4cce64ae5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 52B6 3 KB
3 KB 7ms
4ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: mUFqn2PfRAZwE8JEVM3F_PWFDhGfFj0dKqcHtLX4U6GRhdlHbRVYHQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 52B6 121 KB
40 KB 31ms
13ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-1e358"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Oct 2022 06:49:38 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 52B6 2 KB
3 KB 11ms
9ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: dLoLZj2i_CrpGt-ox2JNrgUQsZVa9LG3ZtSI3aGRRKbKaNslTOeVYw==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 52B6 4 KB
5 KB 11ms
9ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: tG2zTbrDgp4Da0bSfU6vGHlz9-zR9OhCb6xoGudfuYvY9_cBz27xog==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 52B6 3 KB
3 KB 7ms
5ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 79Je-hPKjDxXi_9KYSSGxq06l-miurHi6dzL8-rjNV0_m88n8KJk1A==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 52B6 5 KB
6 KB 11ms
9ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57ccc997557736fe14c0a711336f7fa4e52aec8c657ec0a6c84dd53b64c2ad28

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: C_CT2it7FYeoKmEMdKAhaPlV3ImXri2w
date: Tue, 04 Oct 2022 06:48:47 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 07:54:11 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 52
etag: "f32e3ae07935b3472512bf8acc5908e8"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5552
x-amz-cf-id: qsFIz6t2GVQ9wbk5feI5vbKVgYjV9sp04EEreSq2xfWJphsK_m9w_A==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 89D3 2 KB
1 KB 25ms
24ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=509&o=1&d=1&b=2&ts=1&ii=2&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f36606609aec67ef4c837afa7079cea8f38de947c92e296c12e8675771dc35d1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 89D3 3 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:37 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 9uDkU0qjwEk1QOP-3rl1B1SsTBnIz08DBIi5JebWjcXytMy3T5Joww==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 89D3 121 KB
40 KB 22ms
7ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-1e358"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Oct 2022 06:49:38 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 89D3 2 KB
3 KB 11ms
11ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: 3unJTyKBiEGc2cWwLelgXTLo2JyNSeHxfo2ZHKzIOz9CdKWrXEwsgQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 89D3 4 KB
5 KB 11ms
11ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: JCczid5XudcrwhHvkU7ru9PDW-bwVDlgA7Fc7Y-vHxK710YnuJOFuQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 89D3 3 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:49:18 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 21
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: AQICzij-fl8UGW9QDi5JR678CMon60Vp4t4mDiI3NqKSWewR7s3wAQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 89D3 5 KB
6 KB 11ms
11ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57ccc997557736fe14c0a711336f7fa4e52aec8c657ec0a6c84dd53b64c2ad28

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: C_CT2it7FYeoKmEMdKAhaPlV3ImXri2w
date: Tue, 04 Oct 2022 06:48:47 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 07:54:11 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 52
etag: "f32e3ae07935b3472512bf8acc5908e8"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5552
x-amz-cf-id: i2jeZZKOZV-BOTUxfhBV5NGROa_Nd8Q_zJNKXmrn9nU2CSzNFmrFQA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 52B6 0
170 B 95ms
95ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 52B6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

2 B
19 B

119ms
119ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 52B6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

2 B
19 B

121ms
121ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 89D3 0
170 B 95ms
92ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 04 Oct 2022 06:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 52B6 0
27 B 121ms
46ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.474259060778484
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 52B6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

2 B
19 B

135ms
135ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 89D3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

2 B
19 B

114ms
114ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 89D3 0
159 B 119ms
46ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.1380232178158054
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 89D3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw

2 B
19 B

48ms
48ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 04 Oct 2022 06:49:38 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=J2bJKmBHAouai4ltgtc7Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1F9A 36 B
406 B 35ms
35ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d562e2db81cf5d2baf4d0b8c5915b09228eacb7c9d6244369833f3eb3a75dc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 394D 0
187 B 41ms
40ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ Frame 394D 0
79 B 39ms
38ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ Frame 2EA1 0
79 B 39ms
38ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 2EA1 0
187 B 38ms
38ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6945 36 B
406 B 37ms
36ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

d562e2db81cf5d2baf4d0b8c5915b09228eacb7c9d6244369833f3eb3a75dc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 89D3 10 KB
10 KB 4ms
3ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=509&o=1&d=1&b=2&ts=1&ii=2&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:49 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 50
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Jx_dD7HFi_MCm_7hqUDosU7r2Zg8hsXLUvJokNDQmon7GYgfqxpfmg==

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 89D3 177 B
425 B 29ms
19ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=23517927976

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

9316e08c224b7ee37b43359d5a87860003b3934f71e0d9a279dc12be2464f6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 52B6 10 KB
10 KB 2ms
2ms Script
application/javascript 2600:9000:21c5:3600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=186&o=1&d=1&b=2&ts=1&ii=2&FPCK=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:3600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 04 Oct 2022 06:48:49 GMT
via: 1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 50
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: zIgEVq6rWSxgkGcchkRJwtQNfxb6my-0nyiKl4dA5IqtDYLp7PIYSA==

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 52B6 177 B
427 B 19ms
16ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=93621785780

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

b12bb41d084e3054bcafe5df2a6f03715bc803de1cf7edc4a88b640e41038bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 Oct 2022 06:49:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 164

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 1F9A 30 B
278 B 39ms
38ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ Frame 52B6 0
209 B 5ms
3ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 6945 30 B
278 B 37ms
37ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ Frame 89D3 0
209 B 3ms
3ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 06:49:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame F256 0
37 B 60ms
49ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:39 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 52B6 5 KB
2 KB 45ms
40ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:39 GMT

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame 7062 0
37 B 55ms
52ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&CFFPCKUUID=2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 06:49:39 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 89D3 5 KB
2 KB 44ms
40ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Tue, 04 Oct 2022 06:59:39 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 1F9A 0
194 B 39ms
37ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ Frame 1F9A 0
79 B 36ms
35ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ Frame 6945 0
79 B 36ms
35ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 6945 0
194 B 40ms
40ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame AF09
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

43 KB
43 KB

38ms
13ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43705
last-modified: Thu, 22 Sep 2022 10:10:22 GMT
server: cloudflare
etag: "632c348e-aab9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLo%2BhubClkXJurqj7YgV8C8zDHb150JHsTTzc1SBDt6pR2qvNJeyI6eYku2Li2iAs4dXS0aF%2BJF5zLszrXbQ1dKEjm3nH1mq5UOgjRHIqMyAYCxI1o%2BukOZEvcb9wd6u5NrNeByPzJrF8MPXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 754bfa97ab69e05a-NRT

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection: close
Content-length: 0

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 32DB
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

43 KB
43 KB

28ms
10ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43705
last-modified: Thu, 22 Sep 2022 10:10:22 GMT
server: cloudflare
etag: "632c348e-aab9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnLD2OQTC7IZtkGc60wfe9lnOp04edrYW8rEz1mc1EpipYC4Ij4mARLmT5Y3q1eliqZDSgNUCMMgIDtGUPcK8bWLtfWts2m3tOAZ9F%2B9oA8LPNy4yTgq8cakPOzBJYir9ZJSy3Gr01lYpWbntQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 754bfa97ab6ae05a-NRT

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection: close
Content-length: 0

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 52B6 0
187 B 38ms
37ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ Frame 52B6 0
79 B 36ms
35ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/ Frame 89D3 0
79 B 36ms
35ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net/pixel?bd=885585f9-091c-4444-b1d9-5a5b759b082e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 89D3 0
187 B 37ms
37ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI&mp=885585f9-091c-4444-b1d9-5a5b759b082e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 32DB 975 B
818 B 29ms
13ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5436
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnK4NNC%2FOGURIALoOdc%2BM61eoLQupBw%2Bq1cMukVXK1Q5pOzkqrnLYIuMsczi8hKk39Tc4DLP2hmadp%2B7Toq2IS6q3J2AmXwP%2BUft7onW%2BSeso7qBJvsjsZYGmqSIRE2KswUUsJ0ZUMcbB540ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 754bfa97e90ee03d-NRT

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 32DB 46 B
486 B 267ms
64ms XHR
text/html 64.120.88.131
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 7cd02709331c2e467568e899d8931ce9535e72ed66536584e1144b9a071a6b47

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:40 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 32DB 554 B
1 KB 337ms
191ms XHR
text/html 103.254.153.160
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&adid=ad-BE7A8D43EB8B26491AD93B7AD2AB466&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9406564055091831&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: cd42c2aaf9bb3ea7ad6ea15458266d65693e6b7d01e280f12bcdd1a7e0ce6133

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:40 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 554

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame AF09 975 B
778 B 18ms
18ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5436
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzKFoACKTx1FsaQlfGTMv9KcbFCuw%2Bk2PAxmMqe2z5AcJ4OpU3526dQSe7eE9lpkgDB21dQgOf4xwVJqw%2B0zwuKj4eigS60Sq77YOvSP5LcXV4I49GmEGrcKvS7094Ab%2BaocVhiqzyMXBnNX2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 754bfa98092ae03d-NRT

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame AF09 46 B
486 B 234ms
60ms XHR
text/html 64.120.88.131
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 7cd02709331c2e467568e899d8931ce9535e72ed66536584e1144b9a071a6b47

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:40 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame AF09 554 B
1 KB 352ms
184ms XHR
text/html 103.254.153.160
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&adid=ad-E2B64EDA2E2EEE771779EE992A288D72&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.1899610119608639&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: a93f716cf27b006ca9b1cf4379be09a005335f365b3295659a07733c6c2127e1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:40 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 554

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame ABEC 714 B
777 B 14ms
13ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
age: 937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 754bfa998b29e03d-NRT
content-encoding: br
content-type: text/html
date: Tue, 04 Oct 2022 06:49:40 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V30xm9s%2F9vT8Mdzl%2FMEF9vIp1le7kwdvJdSfBXPxmVKqsjoeLYBS9PzbCNYalrGWDu2O1A9w9c0iYzQUrMjGbjNH5TIDNqjFxt%2BAvQEgqUqmyKNOJ5W%2FlBczoYE0qqF1z%2FLMJtujYBqNcjb5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame AF09 35 B
384 B 178ms
68ms Image
image/gif 64.120.88.131
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:40 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame EC58 714 B
783 B 15ms
14ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
age: 937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 754bfa999b36e03d-NRT
content-encoding: br
content-type: text/html
date: Tue, 04 Oct 2022 06:49:40 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Msy%2F0oAm86SGFUH7%2BvBPe6XdBvRbc3%2Fm0g%2BeJZ%2FHMbD5d%2FesoGQCQ%2B8x5KfWUWBS9rT0KAEyAKhF%2BRQS0J188c7l0K3HRZ7JMBWGxl5DTLlF6ZZnuzDjjrmEp93GojrVDynVSv4CPZX%2BuYTAOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 32DB 35 B
384 B 170ms
62ms Image
image/gif 64.120.88.131
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 06:49:40 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ABEC 80 KB
28 KB 219ms
50ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6cc9902ba2c4a1365a4cee4fa6806e040ce0882d39fe0e6258faf1ff05170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27709
x-xss-protection: 0
server: sffe
etag: "1353 / 179 of 1000 / last-modified: 1664834864"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EC58 80 KB
27 KB 244ms
85ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f307b0f11d5462ae6daf0e71cf9f4663790d257db8c98a9ee90eb1a2f3dd8419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27706
x-xss-protection: 0
server: sffe
etag: "1353 / 670 of 1000 / last-modified: 1664834864"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2F13 111 KB
37 KB 200ms
199ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cb22edccb12f17af8782e0a2a45f78c94a850fc147d01d0faab59d1fae178c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37840
x-xss-protection: 0
server: cafe
etag: 11919174252406241686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DC17 112 KB
37 KB 228ms
227ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04a1537a418972706b5185837242e72f33270367a386741e922570b46d97e0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38088
x-xss-protection: 0
server: cafe
etag: 3013514778502583782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H3 200 pubads_impl_2022092901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ABEC 376 KB
127 KB 51ms
9ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 06:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130415
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 08:35:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 01 Oct 2023 06:47:57 GMT

GET
H3 200 pubads_impl_2022092701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EC58 378 KB
128 KB 20ms
7ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 12:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131011
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 12:10:53 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/ Frame 2F13 351 KB
124 KB 93ms
93ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

226666102666cf1058c1f5e77ca117b68189867b3247f80e4c6e04fa2cba6da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126709
x-xss-protection: 0
server: cafe
etag: 18211106175342440362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame DC17 349 KB
123 KB 113ms
113ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4fcbedc3f21fc14bfcfe2a4e71236b85980a8e24a0d1eee42bd792241e0ef10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125829
x-xss-protection: 0
server: cafe
etag: 12159640348432991543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame ABEC 107 B
122 B 116ms
78ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ABEC 107 B
122 B 121ms
81ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ABEC 492 B
263 B 70ms
70ms XHR
text/plain 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2683019579277996&correlator=3914867332342163&eid=31069634%2C31069837%2C31070068&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664866180489&lmt=1644386353&dlt=1664866180106&idt=363&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=bcvpj2ncx5zy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=165452025.1664866180&ga_sid=1664866180&ga_hid=985892972&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6189cd19ddc3a81195a1f4e7b62fcdc7b7beee3fd1fffb1881cb18488b702d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2918 6 KB
4 KB 136ms
51ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:40 GMT
expires: Wed, 04 Oct 2023 06:49:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame EC58 107 B
122 B 46ms
39ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EC58 107 B
122 B 51ms
42ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EC58 492 B
263 B 76ms
76ms XHR
text/plain 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1660153869273446&correlator=3716386013367420&eid=31069836%2C31070023%2C31070086%2C44775319%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664866180519&lmt=1644386353&dlt=1664866180123&idt=378&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=u5k9d7f2j2k0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1169808946.1664866181&ga_sid=1664866181&ga_hid=10451779&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab79dd1e584e9b9ff4104d2d7d617ede2560c23461a26eaa736d639f0d252494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC0B 6 KB
4 KB 141ms
46ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:40 GMT
expires: Wed, 04 Oct 2023 06:49:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2F13 12 B
53 B 118ms
77ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 2F13 107 B
122 B 44ms
44ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2F13 107 B
122 B 49ms
48ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 763E 17 KB
9 KB 260ms
260ms Document
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=3215738614&adf=2645242783&pi=t.ma~as.2784%2F13803&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180413&bpp=20&bdt=594&idt=233&shv=r20220928&mjsv=m202210030101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=1794793696&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=935&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=793419206&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531706%2C31070102&oid=2&pvsid=4025329472131933&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vmxe9ay402ds&fsb=1&dtd=246

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1154409e706f5b4c404517c182772f5f0d315f196a40e2efd4e31968990111a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ABEC 14 KB
11 KB 93ms
52ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f7c0f405af869b0d47570f8c5a217b989b06c944c5e0ce0b87a9e0b4c4456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11170
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DC17 12 B
53 B 55ms
42ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame DC17 107 B
122 B 57ms
57ms Script
application/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DC17 107 B
122 B 56ms
55ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8E3 17 KB
9 KB 247ms
246ms Document
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d6b614c93ba33591828c57d44561c03307e4e5322db729c2689fdf16cbc5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EC58 14 KB
11 KB 64ms
54ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19588a8fe2503dba010efc8cf950c9227bfd2eaf1ea7dea26d5a7aa8b3cd0c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11095
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ABEC 17 KB
7 KB 259ms
205ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js?cb=31070068

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 06:49:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EC58 17 KB
6 KB 413ms
363ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 06:49:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 763E 42 B
63 B 42ms
41ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXKATS8fs0JPvEfarw8PBvHfrV9NNUQ6fgjd978dSkj7j2yriwLImD9Qnx9M3Z2UBaqDQzhu4NxVHJ-S-itFm7K6je6QT38JgY4gAHdDYNoQjaQHc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=3215738614&adf=2645242783&pi=t.ma~as.2784%2F13803&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180413&bpp=20&bdt=594&idt=233&shv=r20220928&mjsv=m202210030101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=1794793696&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=935&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=793419206&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531706%2C31070102&oid=2&pvsid=4025329472131933&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vmxe9ay402ds&fsb=1&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 763E 3 KB
2 KB 5ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:37:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 763E 17 KB
7 KB 5ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:43:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 763E 0
0 42ms
41ms Image
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwdqvQzlE6rlr2MvRNALfDO1tRAWeCm3Qc1LLw-7of0cC6YbU2HD4cFuDUjTX1UUKI_cc7pezOJP-zC3_gzmlf0jQ9QQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=3215738614&adf=2645242783&pi=t.ma~as.2784%2F13803&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180413&bpp=20&bdt=594&idt=233&shv=r20220928&mjsv=m202210030101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=1794793696&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=935&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=793419206&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531706%2C31070102&oid=2&pvsid=4025329472131933&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vmxe9ay402ds&fsb=1&dtd=246
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 763E 141 KB
44 KB 191ms
106ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 06:49:41 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C7A 611 B
316 B 184ms
180ms Document
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNVXQw1fw2PrP2zSZbtFc5bPE3CFcL0292YTu9bsnEG3zU8iUSt_M2xjo_u09O-nrOgOu82JTNdlk18EgKV4K5TA9EBu4w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=3215738614&adf=2645242783&pi=t.ma~as.2784%2F13803&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180413&bpp=20&bdt=594&idt=233&shv=r20220928&mjsv=m202210030101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=1794793696&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=935&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=793419206&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531706%2C31070102&oid=2&pvsid=4025329472131933&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vmxe9ay402ds&fsb=1&dtd=246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 763E 80 KB
33 KB 97ms
95ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AspTN3criQTIt3r-2f3bElvgrvrvOigjWIzBcAiopJKGpOSj0Jc1jFG2UXlovNr6ZNbMmQ03myZLTu0WZJipF25yG4Yw&cry=1&dbm_d=AKAmf-CDto8aybY_x49LfvcHl7E4OratHSQb_DhpCW5a_fV1dMMrLeeutezt6X59_KD_Ptk67me1uI8zWl289U-nPBmQdPqnznY8uHKzyWOF95UpOkcr2pY2kHtuev0LUehD72lJ5AMNSedtvZAOl0cJMWESV8WJtMBgJAUwe4toMztolJySJkOHS25AVoiPwtHDDpK1s-tUHfZ2YyO7vREadeueEt_L3NPA9Y8JcPiTsyGBE2hy7UOczGWkbjOD2ODUNI7tBdeCwLwAYbrLVCOWpUEx5W0FWIdioOSJjK1HzJQ2MBemM_yV-B8QYpA_kpVZUij6dY9btH_eTbx65Ecg_YRIPMYA46mvkUMv3ztRqSyWHtpXqh-COYWcjCZneIxdUGYTwIh5a3nM45UeMWhD_0Q6GKnO8Bb1k-P7cp10WLB7JmxlutIZ_YW_I9j3FBWZGzrQ80C88HKf3rG4HKv9yu8lUOizUCjAe9XYXKF6FifaMc4Jq8ThTz_zojaxv_Z0ra2xg5bzcLtYSGHCKcyzhRe0a80XzXbvQ8TabAfz60FQBne2tB1r71A-f56ffZrSngU9SCC8H2MV-_gc2dvj-FLXLkeSPhAhU06hifpiLnJ84darLv2UD0J9NxXj9irNawbEjifuDdoo8pCyv_fNbygIqxVgG6Pzg8Jd0zYwoWR_n1Ry7I_y1fttbNrrBAzkZJp-YnYy68TWW-sws2gxtnpeUhxDezUQncvNSj8EBiFa_IlEWS6zLGi4MwoNgZ1c1xAE88dNXkj-yxmTUxZO3eTJPdszXRmgNswTKZi-b56XAcsUvtIPi7RP9afCBh6bkSGrQY-Mg-2rCuGF_qhi3UqOrcsSfARC3sKFtAdgfudFEcfTLbvPAYd43j5lcaRKBBHfvkVZAAM1AEPEwVGyjZCRkID5c5fWtS1Qj9AC-UQgPWDyt9KZp2X_QAdQH8phr5cYOypYH4Ui5gETfe74xSVHuHpWMU4V7FKdzQKxborulxe8jq2SyMV3KJVLW2uBXtFrw0P8GYCxjlCJTJzbVd0UIXwP0MsCsMS8Y-eJePhf0wqcOJOZBnuJWr69vfWvaHBEDJpY0wEUSRiJ7ucZW1RE7Js7sYV71zl7DZKgcfhXbs6amX9UENWH3vMXzOxAAbVVaFsqt1FyCUMbCqXDvXR7mJ1i-OK2j1-vCmnJUjQsFazIze2kcfcvXf9e_pdgKsAr7-UNKtfSfJM92Dp1KdCazVkgERqzbfWTQazDS34U6gkMJ0p3UZRUDQs4rbtCZLVi9l3nMBo_owJ3xqypoLhonltDCEeEr51JQ2rtFbusviUTeaEV7a_I9rHQfe_UBmrXWcVDNm_edxmifbh5VkEDGwK5h5lXAS0tISb19whL3TP-gryPDYCrmNvZroHTOwU7mltrM8HcPiJayYWLCVzknHGgGw6c0iu7cyrWiLvUmk7Unjzxn1XbsB1L5YpAQaAIdTJN-a7vstZ2Lw-WLj_ykRRq9czlthwcFZYN_G--YBpp0DU8bcoJMNGrRfXI1SphV7c1LZRSAooTK5meX5xlSN5huRJp_tULFjv5ttFqisFIaAAH_PBMi23jqLuOEGydxa9QNYaZpxhVE7-rd2swZBo10Jmp1csNgGCXBVlTn1A9mbHuRwkkpnvDU7S61DtKWk0cl5QQbGeHYxrMMeElKY2wwNX98Zb-AMb-F43MklrK9VZ3_T3nnS0IGAoZywVYeP0J-ryV1QyFpfsUs8x1DvV9icrsp5xTMT16cCkOdGrRtIGfwsgEfoilvi6mVZBRCO6cO7xQY2DwetHNQSHmviel7mVEW84hpd3XnTLHf2SjVqy68F1qtgx68vULffp7cqWWKzm9xw7QF5pRf6jE_8YE4EMh8YE1FjhnjKrpxCb0MDU4RJ4QF9fGvb7Qq0lQLKDUp_L1U765C7osjjprlVZkcY5FpxR5-rhBCRJYvFoDFAfTOQjwPM5CvsA9WqGzRkx_tBmOzxuxCHRGxCvfZh0vzLbzImOQRD4N7yEeIyG2X40VorNTnmKgknG5CHudzEm7wN1xvXSXDS_QtnKDqQOjFjnpM_xrl6h1shlYqq7QFwTemxrnGb0SLLr0_0wwr5DEAmf52z5GdkJsNNjUPq_92enpFsutQEzrcTGejWpopYP4KvFiU0EH1A37cxvKyr0uKV42Es8xUNqMEEXFPbnt7tHarGa9ieBmrDgr4wAOgm2q2w3e6CLZzk4DtCwkd6UCVs2Q2eaUvSqgeecK3Y0QtsgraCvRhqYLvizipJbheOi9HaKORsBfdN72Z2GN9tIFHPPSVSxbGO3D5CsNIA36dLAdes1sTMnqCZPW_sPULk84dZK_XCAudJ9ze7Se2AogZQj6CaNnEEASiKM-SxDd5Hi2cceF6K0xM79u8bO0_FcErsLr7d_PZyZMtzKKt8h-0R6yi2Mw9DwJ_ZuLv7A11HKZsXNrDG1ZgULwUfldT1e2fNUVZ2ntwUy3hXR71glWyeaRxUXXMsPRd6dzpXJOhDnCbSj47ox_W49HiJG2a77o7AblBQJKixBciPyFquaq_T2usE8UzgFVge9EXUwqIVk94MfqPOtNQJSZjrh5yrDwKbER1ak1rbhmUNdQYmKledrER2c5FQqMOf0qRuBx4tDJC5G-3O-vDANUEyYTvDZOsLQF_eJDXYQ92AZqraCaiO0CF_xevD8VS01xxeprGcbk5jq1qLe2hIIy2q-DtKC_mRcnVaY_BJrcgLxInwMQBh9OPv9TJRCv2VA1192w8li3fyQc-FsG-d-ZzQu66PB7ZzkWI-T09YJN3P9rRdgMAqAEtnyF6wYH4ltDzo4Y9F79I5HtRyXnri56VKgV_i9jCKYFHobscA11Nvp4wFrMqihG7UHWN9H3nsqYV_MHe4k_-rpcfgEKNNy7mG4ub5HoImOsRpV9P0yjXBXax7eLcxW_Df3YAIfIVhzHQHzNrIm_jU-VtLRRFXV05ZQcv0vobo_mUduzwx4wQXyx2Ow1Sh9-Y0CGAI2RaUzF-UYHtGDLmg9tRT31vim-cHec7r-AWtes5OvghHTkTpd876ebvOhMX8-2elNxWgDk-Xxa4gNWkRCMuHvvKJ4OKktvx1-i-O8Abu1sK0rnnpBbOeWUSJIGT2V_ksc31VfB7AnEpLGs1zHYOjho9FV0E-XCL4-kes2YD6-CsXpKopgmvktxZxa2yq0vLFaIvi3nV0BGwQIcb8kxOMWMcgigjeXsVYXyg7y4_t1VXKZBVPmTe98lOwiIqEzyf5qraiO0k53I27sgAwgP9wX9-JHoB45jLbAXgiic3kuAYs4Oshzm7Rs9&cid=CAASJORofTAw0L-5dW0Pwdegnkz1oKqtMyMeLW5BZPrs_vfkXYqxzw&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deadef603d503c2ddb416b3d7f6f9127cfe5cafb9e845d4db061ab3ff7be57d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=3215738614&adf=2645242783&pi=t.ma~as.2784%2F13803&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180413&bpp=20&bdt=594&idt=233&shv=r20220928&mjsv=m202210030101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=2&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=1794793696&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=935&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=793419206&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531706%2C31070102&oid=2&pvsid=4025329472131933&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vmxe9ay402ds&fsb=1&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34179
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8E3 42 B
63 B 39ms
39ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B02SQKdABfOT0AKbg0AnxNqg2BowfNWnbyuSTticcyh7t1xdxN9lY2a91yi-vQGUcujuHJb7NeAETsUvP_CaXCQRKcepgCHqZ42rtU5GjLQyaQgI4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame C8E3 3 KB
1 KB 53ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:40:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame C8E3 17 KB
7 KB 48ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:41:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8E3 0
0 39ms
39ms Image
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWfugrzOdRlhgEb_4ttijN0pwMvLHk9DQAGpCSEDqxikmTnu0SxcIBgQCkzAIFYjgADOWGTyHF_r2NaM__e2aZsp5Pdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8E3 141 KB
44 KB 174ms
105ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 06:49:41 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7083 448 B
269 B 44ms
43ms Document
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNXtbqYwe8htk8txKfYpFMzVuKpLFsImLsVTngpWAgx2LGOHVSmCS7-7hGXU_YNNR8_qRxTUHWCQg_1s44tr15RUfzdhlA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C8E3 80 KB
33 KB 104ms
103ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5npn34lCk9rGxColfBbxLbDJYjC4V5hb00x-3Ch3VsaT9vDg9fp_kTpdlg3b-NDQIJZDeThfhnUiIZn9FDwHzf7e1jQ&cry=1&dbm_d=AKAmf-A-vVJyjgp38kEmQk3qNDWQW0dFxq66gQI-J8b--Ufx2ClybPXkT4vW_HvVcfzAVluzSnhcgUFntqljZ0jwENsUWMMd4FvtisgB4miNAuYcze5mLQDIIjfTdrHAIZB6svXC0zxr1UOqt8aZAc_5sfe6ksAeCT1XSWTfRQz_blVY12v-mna94Rejp-tdxcQKpZaaX55q6mOB1wMAQyizddO8vbwOW7ItyhQBPmBZBq9P1jAh4VXhZwENgkjDZ-9Irxi5FeJLo6MITttJrAvid1lT1Z-qtPCIlcBV1dt3kCmeWnxXPkeuulUzO7pNaiJNNxbCnBQrC-xEn_Msii6KunkW3_Wvkd8NdkguPJSyj8X53BKl2XJnqiKoGXvexCbnT-YDWMiinDOo_Mdwiyp4vyue5kXpy22m6izhZVUkgZvhTGWThIgKInM4huXa83XWem5hbpCWvBL84SI0Y-VdLv7ut1meWTQnhHNnhNi0UoM3FCqVEAF1espnver09wZiXMQKtRInxTxdHWy0ll3MYKAYrqeW4SO2AicZUKv8QjGlQUkhqo43puyjYnegpfnJy2YgW_Loe5rAM7lAwImVI7Dwi6HasfT5Z-zWxBgYj7IM-cqA4JZyLKBwQgWogwVcRxTau0hgwWN23cJ99AxR_SGKgCDFAgyXD3mKygBgQuwdbqTJAwwlNTioP1nhkJJZrr_ac4FjsxgViXl2pP9sfzTUXnSZ7syU_m_cEDzX3w22ZZJEENUzdObl7jCPwdlSRQKzWaHoylLNqnuYKnaRfOSn9gmVkPPX_KXKCm9a7QZ33RC5FZmnHO8fHHa4c4hb2Q_u4NUSdjwqlKpMoLxuxFWA1FaET9SGJRUG4NdOHbbgMHB76RZuezmqm1ND-vZXpmDeEZ9vSEZPz51st_IPFwNoX09zCnKabBkVZ1qaoqnsPmAmq3GqTDH0ISd-IXNV9c_FG-Yd7-iK-sQMzCp-9L3ZFeAk8zrj5NF2XEKyw9eiVnjzUelsnPASyReDiqgYPx4VUdZVlbnYNd_QDod4iqwDUz1iho298o5ioTupKocOd4zN_xLJiv9OagBRZVAHq3mnvfz3UZwebd5VhsSsHPvOycVeHUuMUOWm2buuPjMDXKEwTq1bYIo_Wi2IL6bIpxrPyN-rwm1XlAfp_RSuK2WUTLuH-w3kTjg5W9699iPoXkXC6Txwg6Yu7Uigkqq-nPzrG-QMFsZRIcEJfOHNN14BwAmSfSJMCdrBSMygox2WqlADDTS-SIBZyl2O5xXxEbAuOq2cnsJtFef_yFYazAQ5WwJyX0Eu6_SeM-w6aeQLFBs5cFTxefaqlAyWD2OAXZvWtKVX1MGQJoPecDiOXGP7ZPJr9c5DfLZEMmZGgh4MbKSnK7K-BVjPn0G0yLAsCZpERfyZxGDap_zDfaDhkK85ES9t2mZUIuJ1swcnAby9N6OgFNL69qbYqtRyEfD1s-qlsokRvlL5mAdiUZr1YCU2cnqmAP3fXFs4O86z8b6SlH7QTvabEZwQuwx_fSEyOLbtTCu6E6i1YA15iisApox-SoUPLi4JZ_6spjWidA59ot1t_K_uX_97dxnBo38HnSz-PBCyFE5LSyxFERw9R29qvSZyy25tduM6AWRuFzj8t6zenVf-ZBEYgxdmfFmDqHbE99TbrPawX5MtPBIZbeZvd28f6WrzXcyoMzRHdkfCv_lmOrptwUF8VywaZ9oCuTSKa6s5NiHcdjxTCvNPod_AkKCGXg0EecYExPggv1W-9RFIyHdenA9RQYqh6xU9h3A6Zc1rUFfxhpEPoO_LGAD2WrhUqHOVXd2KugIDlRpVZ2jWatqD3uPGXUMk0gmU4QUr8pdFwsPE3PlOVj-nLdMD9k2i17lQJXz0op__505usi78sam3Ox2WGes0JkCknwzlk92xAxGYT2rv5E8f4uPsM4SKNyV-a-PG4QN0A9bhxdsykhbkJptCGBOVIlqPTygvO56fRSGHte33Jz2whO3zrE66Uo6jinTGv8GYWVHbMc9NP_bDJhNA9y9kGjgSnJhId8Q31l_NLeJOF6nLDkUFLbrFMJOxcIdkOO7Y3Qp2r8wzZVq7vreovzWiJZcFY-Bid14I-PNaQBNWnsJA8iKJ2jnqKX8Ff3-ZJdzmwpke6bY88k61zN9DHtK0ceh2xk698I4Q6AJTxVkUtbo1Cys-1L7oEiznnB4dMf0nPgUgbheU5VG1-hrixaO3CTzjZdjjgS0hmHZqlhUvkR6JWA6-ON1xTbY9m9s4AmqT2rncdyex4KnMqNm6SyxW8UT_JJuVzLsy4M8n6_t05u9kU0NE9Z6j9D5nicdYGfR5m4jQecf-aOC2SjHjq05xiBBSp22swhSFyapZWJ4RRPb56qZrRF9kXRsEsPdTLt5uMChLhqLAWy2zz2lpR2fNnxIealyhiuwFH5T9jSpHmIfxu8XjmV_13EzlEncapw1Pr2B9-ZlC0skvMuKUCZeHR7DuQYbKaGV8oIkr91gg9720EhfFS3PEmrMqq9bQARaFrmhq-ZvSYI85OWpVOSs1HkpXHq5z7rIl8wKwO6elXlgFMjDTZLtTkflpeo5o8gY1hFeRRUzQpoGUSbWE9Vd3QePqZlQjzfdFYL6fBgZvpVIPmHwqpfj6sVHxnkKuqr6mGMFb47SbPaVQxL3iEnL88bGuRLoJUVW4fY832Bul5szPddMnPObQCz1C_waaG0tUp69WtyPotDjBxU1ydPp1qRIiY_JLt35E4VtTVrWrQBMtnN6qtRabD7LJC2HoEdt5FnWw_YNJrWGoZyMj0vRU4SIvdJ1-yp2B6mytbUQXQOaMSte5THjnLY5i1nHnze93asL6ehBt0L9jCdyZYWsoolxC0ytqduFukPHwS4v3Al0zYP2B9LW-ilGE6EOk3pzDxlgTL3eLXByeN_vds9HNuY5wmYZIOKuNDJEADmKFhssgEABm-ROVmCPQVPkYfxreWj1BK69_acYxTMg0ZJD7mXu0qyCudgDXDoji5x2COct_FjNVgLvMVnfoLL68wBlMtm4v40GPftbtvU5WPkaqwD-9WCDVLAxeEogP6WpST0zUOchc1cKxP_YFg56-4htt8YnzMfswZ3rrHfPJKe3rTxCLGH64XiuU1eVD6ZdT9oIPas_5IyViDtEnEpfrrl-chXn-lWrOPMoMM99fCXCnDPraHYzih3JP5KzJhibnRZivGulZbKxUwWB4MSQLbiQaBZNXVWHaXZm28iTUBl3iNmsZ5fGqY34o9SlLsSIL6xSQjpBVK9GkRTLzdrCbEjCXhe1nCEmHJHO8k03li4gCxVMCy7P5gsY6&cid=CAASJORo1SyrC5cqwMNEwPr4hk9GtpP4hT1s1Le4lJ_vsHBHBOsb4g&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bac106a2f97c9bed79e7fc1dc95a1642a5896d38551626fabb49e6e23ba09798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7083
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

45ms
45ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNXtbqYwe8htk8txKfYpFMzVuKpLFsImLsVTngpWAgx2LGOHVSmCS7-7hGXU_YNNR8_qRxTUHWCQg_1s44tr15RUfzdhlA

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 Oct 2022 06:49:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7083
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1

43 B
843 B

29ms
29ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNXtbqYwe8htk8txKfYpFMzVuKpLFsImLsVTngpWAgx2LGOHVSmCS7-7hGXU_YNNR8_qRxTUHWCQg_1s44tr15RUfzdhlA
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFroJPATkzRVj8YyDmT4gnglm%2BwYABUhoMUI1hQXsOkU%2Fx2zCtodHOqiY2Acz0gfjCPu72%2FWNmTSFoF7TdpM4WkYUb0toSJbTt5IZNXBfGGHyvjafe8TtpWQsZQwhCCxBTCaHFhU7Ft2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 754bfa9fdf930a9c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7083
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzvXhQizfnX6eBxt21jUhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1

43 B
840 B

28ms
28ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNXtbqYwe8htk8txKfYpFMzVuKpLFsImLsVTngpWAgx2LGOHVSmCS7-7hGXU_YNNR8_qRxTUHWCQg_1s44tr15RUfzdhlA
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWOUBFn20lmieDoWViBc%2FX9Yo59pb3OL95zdeKUinEG5ws7zadyyp5IuuT3MntqQGRQbbotypG0PUsa7ywdbm4Nu2%2FpG5lHxxzWQ8isyzmsU9qbiFDMZbx5u%2BqIci9WcqoBIIiKnx6f4vg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 754bfaa02fd80a9c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhzeSaYqHWApVyTF89MuZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C81A 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 138929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 16:14:12 GMT
expires: Mon, 02 Oct 2023 16:14:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 839B 783 B
534 B 190ms
190ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d91aeaab8e210f7616bd1f867ea8742261e3f37986433cf8a266bc54c8b96adb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-caYp96fvzuWZXBCabbQtZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-caYp96fvzuWZXBCabbQtZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:41 GMT
expires: Tue, 04 Oct 2022 06:49:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame C81A 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:48:15 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C8E3 106 KB
38 KB 59ms
11ms Script
text/javascript 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 10:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Oct 2022 10:41:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame C8E3 8 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5npn34lCk9rGxColfBbxLbDJYjC4V5hb00x-3Ch3VsaT9vDg9fp_kTpdlg3b-NDQIJZDeThfhnUiIZn9FDwHzf7e1jQ&cry=1&dbm_d=AKAmf-A-vVJyjgp38kEmQk3qNDWQW0dFxq66gQI-J8b--Ufx2ClybPXkT4vW_HvVcfzAVluzSnhcgUFntqljZ0jwENsUWMMd4FvtisgB4miNAuYcze5mLQDIIjfTdrHAIZB6svXC0zxr1UOqt8aZAc_5sfe6ksAeCT1XSWTfRQz_blVY12v-mna94Rejp-tdxcQKpZaaX55q6mOB1wMAQyizddO8vbwOW7ItyhQBPmBZBq9P1jAh4VXhZwENgkjDZ-9Irxi5FeJLo6MITttJrAvid1lT1Z-qtPCIlcBV1dt3kCmeWnxXPkeuulUzO7pNaiJNNxbCnBQrC-xEn_Msii6KunkW3_Wvkd8NdkguPJSyj8X53BKl2XJnqiKoGXvexCbnT-YDWMiinDOo_Mdwiyp4vyue5kXpy22m6izhZVUkgZvhTGWThIgKInM4huXa83XWem5hbpCWvBL84SI0Y-VdLv7ut1meWTQnhHNnhNi0UoM3FCqVEAF1espnver09wZiXMQKtRInxTxdHWy0ll3MYKAYrqeW4SO2AicZUKv8QjGlQUkhqo43puyjYnegpfnJy2YgW_Loe5rAM7lAwImVI7Dwi6HasfT5Z-zWxBgYj7IM-cqA4JZyLKBwQgWogwVcRxTau0hgwWN23cJ99AxR_SGKgCDFAgyXD3mKygBgQuwdbqTJAwwlNTioP1nhkJJZrr_ac4FjsxgViXl2pP9sfzTUXnSZ7syU_m_cEDzX3w22ZZJEENUzdObl7jCPwdlSRQKzWaHoylLNqnuYKnaRfOSn9gmVkPPX_KXKCm9a7QZ33RC5FZmnHO8fHHa4c4hb2Q_u4NUSdjwqlKpMoLxuxFWA1FaET9SGJRUG4NdOHbbgMHB76RZuezmqm1ND-vZXpmDeEZ9vSEZPz51st_IPFwNoX09zCnKabBkVZ1qaoqnsPmAmq3GqTDH0ISd-IXNV9c_FG-Yd7-iK-sQMzCp-9L3ZFeAk8zrj5NF2XEKyw9eiVnjzUelsnPASyReDiqgYPx4VUdZVlbnYNd_QDod4iqwDUz1iho298o5ioTupKocOd4zN_xLJiv9OagBRZVAHq3mnvfz3UZwebd5VhsSsHPvOycVeHUuMUOWm2buuPjMDXKEwTq1bYIo_Wi2IL6bIpxrPyN-rwm1XlAfp_RSuK2WUTLuH-w3kTjg5W9699iPoXkXC6Txwg6Yu7Uigkqq-nPzrG-QMFsZRIcEJfOHNN14BwAmSfSJMCdrBSMygox2WqlADDTS-SIBZyl2O5xXxEbAuOq2cnsJtFef_yFYazAQ5WwJyX0Eu6_SeM-w6aeQLFBs5cFTxefaqlAyWD2OAXZvWtKVX1MGQJoPecDiOXGP7ZPJr9c5DfLZEMmZGgh4MbKSnK7K-BVjPn0G0yLAsCZpERfyZxGDap_zDfaDhkK85ES9t2mZUIuJ1swcnAby9N6OgFNL69qbYqtRyEfD1s-qlsokRvlL5mAdiUZr1YCU2cnqmAP3fXFs4O86z8b6SlH7QTvabEZwQuwx_fSEyOLbtTCu6E6i1YA15iisApox-SoUPLi4JZ_6spjWidA59ot1t_K_uX_97dxnBo38HnSz-PBCyFE5LSyxFERw9R29qvSZyy25tduM6AWRuFzj8t6zenVf-ZBEYgxdmfFmDqHbE99TbrPawX5MtPBIZbeZvd28f6WrzXcyoMzRHdkfCv_lmOrptwUF8VywaZ9oCuTSKa6s5NiHcdjxTCvNPod_AkKCGXg0EecYExPggv1W-9RFIyHdenA9RQYqh6xU9h3A6Zc1rUFfxhpEPoO_LGAD2WrhUqHOVXd2KugIDlRpVZ2jWatqD3uPGXUMk0gmU4QUr8pdFwsPE3PlOVj-nLdMD9k2i17lQJXz0op__505usi78sam3Ox2WGes0JkCknwzlk92xAxGYT2rv5E8f4uPsM4SKNyV-a-PG4QN0A9bhxdsykhbkJptCGBOVIlqPTygvO56fRSGHte33Jz2whO3zrE66Uo6jinTGv8GYWVHbMc9NP_bDJhNA9y9kGjgSnJhId8Q31l_NLeJOF6nLDkUFLbrFMJOxcIdkOO7Y3Qp2r8wzZVq7vreovzWiJZcFY-Bid14I-PNaQBNWnsJA8iKJ2jnqKX8Ff3-ZJdzmwpke6bY88k61zN9DHtK0ceh2xk698I4Q6AJTxVkUtbo1Cys-1L7oEiznnB4dMf0nPgUgbheU5VG1-hrixaO3CTzjZdjjgS0hmHZqlhUvkR6JWA6-ON1xTbY9m9s4AmqT2rncdyex4KnMqNm6SyxW8UT_JJuVzLsy4M8n6_t05u9kU0NE9Z6j9D5nicdYGfR5m4jQecf-aOC2SjHjq05xiBBSp22swhSFyapZWJ4RRPb56qZrRF9kXRsEsPdTLt5uMChLhqLAWy2zz2lpR2fNnxIealyhiuwFH5T9jSpHmIfxu8XjmV_13EzlEncapw1Pr2B9-ZlC0skvMuKUCZeHR7DuQYbKaGV8oIkr91gg9720EhfFS3PEmrMqq9bQARaFrmhq-ZvSYI85OWpVOSs1HkpXHq5z7rIl8wKwO6elXlgFMjDTZLtTkflpeo5o8gY1hFeRRUzQpoGUSbWE9Vd3QePqZlQjzfdFYL6fBgZvpVIPmHwqpfj6sVHxnkKuqr6mGMFb47SbPaVQxL3iEnL88bGuRLoJUVW4fY832Bul5szPddMnPObQCz1C_waaG0tUp69WtyPotDjBxU1ydPp1qRIiY_JLt35E4VtTVrWrQBMtnN6qtRabD7LJC2HoEdt5FnWw_YNJrWGoZyMj0vRU4SIvdJ1-yp2B6mytbUQXQOaMSte5THjnLY5i1nHnze93asL6ehBt0L9jCdyZYWsoolxC0ytqduFukPHwS4v3Al0zYP2B9LW-ilGE6EOk3pzDxlgTL3eLXByeN_vds9HNuY5wmYZIOKuNDJEADmKFhssgEABm-ROVmCPQVPkYfxreWj1BK69_acYxTMg0ZJD7mXu0qyCudgDXDoji5x2COct_FjNVgLvMVnfoLL68wBlMtm4v40GPftbtvU5WPkaqwD-9WCDVLAxeEogP6WpST0zUOchc1cKxP_YFg56-4htt8YnzMfswZ3rrHfPJKe3rTxCLGH64XiuU1eVD6ZdT9oIPas_5IyViDtEnEpfrrl-chXn-lWrOPMoMM99fCXCnDPraHYzih3JP5KzJhibnRZivGulZbKxUwWB4MSQLbiQaBZNXVWHaXZm28iTUBl3iNmsZ5fGqY34o9SlLsSIL6xSQjpBVK9GkRTLzdrCbEjCXhe1nCEmHJHO8k03li4gCxVMCy7P5gsY6&cid=CAASJORo1SyrC5cqwMNEwPr4hk9GtpP4hT1s1Le4lJ_vsHBHBOsb4g&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:29:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame C8E3 30 KB
11 KB 11ms
10ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:36:57 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 763E 106 KB
37 KB 58ms
16ms Script
text/javascript 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 10:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Oct 2022 10:41:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 763E 8 KB
3 KB 10ms
10ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AspTN3criQTIt3r-2f3bElvgrvrvOigjWIzBcAiopJKGpOSj0Jc1jFG2UXlovNr6ZNbMmQ03myZLTu0WZJipF25yG4Yw&cry=1&dbm_d=AKAmf-CDto8aybY_x49LfvcHl7E4OratHSQb_DhpCW5a_fV1dMMrLeeutezt6X59_KD_Ptk67me1uI8zWl289U-nPBmQdPqnznY8uHKzyWOF95UpOkcr2pY2kHtuev0LUehD72lJ5AMNSedtvZAOl0cJMWESV8WJtMBgJAUwe4toMztolJySJkOHS25AVoiPwtHDDpK1s-tUHfZ2YyO7vREadeueEt_L3NPA9Y8JcPiTsyGBE2hy7UOczGWkbjOD2ODUNI7tBdeCwLwAYbrLVCOWpUEx5W0FWIdioOSJjK1HzJQ2MBemM_yV-B8QYpA_kpVZUij6dY9btH_eTbx65Ecg_YRIPMYA46mvkUMv3ztRqSyWHtpXqh-COYWcjCZneIxdUGYTwIh5a3nM45UeMWhD_0Q6GKnO8Bb1k-P7cp10WLB7JmxlutIZ_YW_I9j3FBWZGzrQ80C88HKf3rG4HKv9yu8lUOizUCjAe9XYXKF6FifaMc4Jq8ThTz_zojaxv_Z0ra2xg5bzcLtYSGHCKcyzhRe0a80XzXbvQ8TabAfz60FQBne2tB1r71A-f56ffZrSngU9SCC8H2MV-_gc2dvj-FLXLkeSPhAhU06hifpiLnJ84darLv2UD0J9NxXj9irNawbEjifuDdoo8pCyv_fNbygIqxVgG6Pzg8Jd0zYwoWR_n1Ry7I_y1fttbNrrBAzkZJp-YnYy68TWW-sws2gxtnpeUhxDezUQncvNSj8EBiFa_IlEWS6zLGi4MwoNgZ1c1xAE88dNXkj-yxmTUxZO3eTJPdszXRmgNswTKZi-b56XAcsUvtIPi7RP9afCBh6bkSGrQY-Mg-2rCuGF_qhi3UqOrcsSfARC3sKFtAdgfudFEcfTLbvPAYd43j5lcaRKBBHfvkVZAAM1AEPEwVGyjZCRkID5c5fWtS1Qj9AC-UQgPWDyt9KZp2X_QAdQH8phr5cYOypYH4Ui5gETfe74xSVHuHpWMU4V7FKdzQKxborulxe8jq2SyMV3KJVLW2uBXtFrw0P8GYCxjlCJTJzbVd0UIXwP0MsCsMS8Y-eJePhf0wqcOJOZBnuJWr69vfWvaHBEDJpY0wEUSRiJ7ucZW1RE7Js7sYV71zl7DZKgcfhXbs6amX9UENWH3vMXzOxAAbVVaFsqt1FyCUMbCqXDvXR7mJ1i-OK2j1-vCmnJUjQsFazIze2kcfcvXf9e_pdgKsAr7-UNKtfSfJM92Dp1KdCazVkgERqzbfWTQazDS34U6gkMJ0p3UZRUDQs4rbtCZLVi9l3nMBo_owJ3xqypoLhonltDCEeEr51JQ2rtFbusviUTeaEV7a_I9rHQfe_UBmrXWcVDNm_edxmifbh5VkEDGwK5h5lXAS0tISb19whL3TP-gryPDYCrmNvZroHTOwU7mltrM8HcPiJayYWLCVzknHGgGw6c0iu7cyrWiLvUmk7Unjzxn1XbsB1L5YpAQaAIdTJN-a7vstZ2Lw-WLj_ykRRq9czlthwcFZYN_G--YBpp0DU8bcoJMNGrRfXI1SphV7c1LZRSAooTK5meX5xlSN5huRJp_tULFjv5ttFqisFIaAAH_PBMi23jqLuOEGydxa9QNYaZpxhVE7-rd2swZBo10Jmp1csNgGCXBVlTn1A9mbHuRwkkpnvDU7S61DtKWk0cl5QQbGeHYxrMMeElKY2wwNX98Zb-AMb-F43MklrK9VZ3_T3nnS0IGAoZywVYeP0J-ryV1QyFpfsUs8x1DvV9icrsp5xTMT16cCkOdGrRtIGfwsgEfoilvi6mVZBRCO6cO7xQY2DwetHNQSHmviel7mVEW84hpd3XnTLHf2SjVqy68F1qtgx68vULffp7cqWWKzm9xw7QF5pRf6jE_8YE4EMh8YE1FjhnjKrpxCb0MDU4RJ4QF9fGvb7Qq0lQLKDUp_L1U765C7osjjprlVZkcY5FpxR5-rhBCRJYvFoDFAfTOQjwPM5CvsA9WqGzRkx_tBmOzxuxCHRGxCvfZh0vzLbzImOQRD4N7yEeIyG2X40VorNTnmKgknG5CHudzEm7wN1xvXSXDS_QtnKDqQOjFjnpM_xrl6h1shlYqq7QFwTemxrnGb0SLLr0_0wwr5DEAmf52z5GdkJsNNjUPq_92enpFsutQEzrcTGejWpopYP4KvFiU0EH1A37cxvKyr0uKV42Es8xUNqMEEXFPbnt7tHarGa9ieBmrDgr4wAOgm2q2w3e6CLZzk4DtCwkd6UCVs2Q2eaUvSqgeecK3Y0QtsgraCvRhqYLvizipJbheOi9HaKORsBfdN72Z2GN9tIFHPPSVSxbGO3D5CsNIA36dLAdes1sTMnqCZPW_sPULk84dZK_XCAudJ9ze7Se2AogZQj6CaNnEEASiKM-SxDd5Hi2cceF6K0xM79u8bO0_FcErsLr7d_PZyZMtzKKt8h-0R6yi2Mw9DwJ_ZuLv7A11HKZsXNrDG1ZgULwUfldT1e2fNUVZ2ntwUy3hXR71glWyeaRxUXXMsPRd6dzpXJOhDnCbSj47ox_W49HiJG2a77o7AblBQJKixBciPyFquaq_T2usE8UzgFVge9EXUwqIVk94MfqPOtNQJSZjrh5yrDwKbER1ak1rbhmUNdQYmKledrER2c5FQqMOf0qRuBx4tDJC5G-3O-vDANUEyYTvDZOsLQF_eJDXYQ92AZqraCaiO0CF_xevD8VS01xxeprGcbk5jq1qLe2hIIy2q-DtKC_mRcnVaY_BJrcgLxInwMQBh9OPv9TJRCv2VA1192w8li3fyQc-FsG-d-ZzQu66PB7ZzkWI-T09YJN3P9rRdgMAqAEtnyF6wYH4ltDzo4Y9F79I5HtRyXnri56VKgV_i9jCKYFHobscA11Nvp4wFrMqihG7UHWN9H3nsqYV_MHe4k_-rpcfgEKNNy7mG4ub5HoImOsRpV9P0yjXBXax7eLcxW_Df3YAIfIVhzHQHzNrIm_jU-VtLRRFXV05ZQcv0vobo_mUduzwx4wQXyx2Ow1Sh9-Y0CGAI2RaUzF-UYHtGDLmg9tRT31vim-cHec7r-AWtes5OvghHTkTpd876ebvOhMX8-2elNxWgDk-Xxa4gNWkRCMuHvvKJ4OKktvx1-i-O8Abu1sK0rnnpBbOeWUSJIGT2V_ksc31VfB7AnEpLGs1zHYOjho9FV0E-XCL4-kes2YD6-CsXpKopgmvktxZxa2yq0vLFaIvi3nV0BGwQIcb8kxOMWMcgigjeXsVYXyg7y4_t1VXKZBVPmTe98lOwiIqEzyf5qraiO0k53I27sgAwgP9wX9-JHoB45jLbAXgiic3kuAYs4Oshzm7Rs9&cid=CAASJORofTAw0L-5dW0Pwdegnkz1oKqtMyMeLW5BZPrs_vfkXYqxzw&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:29:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 763E 30 KB
11 KB 9ms
9ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 06:36:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C81A 0
10 B 13ms
13ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TBdHQg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 9C7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhyJgVU4fshXo7YN56CXgQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhyJgVU4fshXo7YN56CXgQ%26google_cver%3D1

43 B
1 KB

114ms
114ms

Image
image/gif

103.43.89.4
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhyJgVU4fshXo7YN56CXgQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNVXQw1fw2PrP2zSZbtFc5bPE3CFcL0292YTu9bsnEG3zU8iUSt_M2xjo_u09O-nrOgOu82JTNdlk18EgKV4K5TA9EBu4w

Protocol

HTTP/1.1

Server

103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 06:49:41 GMT
AN-X-Request-Uuid: 6e908c85-62a0-41af-8788-197322f0d981
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.252.188; 217.138.252.188; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 06:49:41 GMT
AN-X-Request-Uuid: 719249b7-ff02-46d6-a513-1db323279cd7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMhyJgVU4fshXo7YN56CXgQ%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.252.188; 217.138.252.188; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C7A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2NTg5MjI2MDE4NDcxMTI5Nw%3D%3D

170 B
188 B

53ms
53ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2NTg5MjI2MDE4NDcxMTI5Nw%3D%3D

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 06:49:41 GMT
AN-X-Request-Uuid: dd015fac-e1ff-4240-8aff-9b37763e8d49
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2NTg5MjI2MDE4NDcxMTI5Nw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.252.188; 217.138.252.188; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9C7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDSi58DbpUTPmmsJ6H4bsAI&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDSi58DbpUTPmmsJ6H4bsAI&google_cver=1

43 B
61 B

43ms
43ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDSi58DbpUTPmmsJ6H4bsAI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmB9wIQusfS_QEY89bs0AEwAQ&v=APEucNVXQw1fw2PrP2zSZbtFc5bPE3CFcL0292YTu9bsnEG3zU8iUSt_M2xjo_u09O-nrOgOu82JTNdlk18EgKV4K5TA9EBu4w
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDSi58DbpUTPmmsJ6H4bsAI&google_cver=1
date: Tue, 04 Oct 2022 06:49:41 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C7A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRjYmQ2ZTUtZDc4MS0yZDQ5LWRmN2UtNzdiZTE2NzFhZGQ5

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRjYmQ2ZTUtZDc4MS0yZDQ5LWRmN2UtNzdiZTE2NzFhZGQ5

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRjYmQ2ZTUtZDc4MS0yZDQ5LWRmN2UtNzdiZTE2NzFhZGQ5
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C8E3 41 KB
15 KB 10ms
10ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 13:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 13:59:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 665A 1 KB
749 B 10ms
10ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 62934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 13:20:47 GMT
etag: 48472445140208031
expires: Tue, 04 Oct 2022 13:20:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C8E3 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8b0f88a8197ec7271948a5c581ae86ccadde57bbe8b3a94d03abf74cb702475

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 763E 41 KB
15 KB 8ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 13:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 13:59:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CFE1 1 KB
749 B 7ms
7ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 62934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 13:20:47 GMT
etag: 48472445140208031
expires: Tue, 04 Oct 2022 13:20:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 763E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d49bb75b599d30a3703d3b36d57bfe92fbb82d4a08db3e6e0e9d36dce0d6fbe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F85 22 KB
8 KB 9ms
9ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 262983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 05:46:38 GMT
expires: Sun, 01 Oct 2023 05:46:38 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 665A 35 B
464 B 279ms
99ms Image
image/gif 2620:116:800e:21:46d:7e81:55ff:4c12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBmMUVsNEnNckm3jEyzwHp8&google_cver=1&google_push=AZmPxg8Pc7nrKZKmesc7LTKy0Hs-86aM7551PubpOBXtfW1NTnWkC5o4PGvhZyn5T_m_EBwhUAsHMvy0yJCqDQN2JMzSWXb05VTZ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 665A
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESELYmBNL38XBkNmqEXtKiP6Y&google_cver=1&google_push=AZmPxg9AhCuHE45kqB3QFLlcxBSue6BL3X2dRjeQTS23H1wNEgoP05zVU1lV0AtuKMDHcpikx5Dkina...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9AhCuHE45kqB3QFLlcxBSue6BL3X2dRjeQTS23H1wNEgoP05zVU1lV0AtuKMDHcpikx5Dkinaf78owBrrxdRLOzEjbgCbD9w&google_hm=eYYxB4ZdSze32oM...

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9AhCuHE45kqB3QFLlcxBSue6BL3X2dRjeQTS23H1wNEgoP05zVU1lV0AtuKMDHcpikx5Dkinaf78owBrrxdRLOzEjbgCbD9w&google_hm=eYYxB4ZdSze32oMpq00Qhbw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9AhCuHE45kqB3QFLlcxBSue6BL3X2dRjeQTS23H1wNEgoP05zVU1lV0AtuKMDHcpikx5Dkinaf78owBrrxdRLOzEjbgCbD9w&google_hm=eYYxB4ZdSze32oMpq00Qhbw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 665A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMfGraF9UGoVFN0sv8-ipAM&google_cver=1&google_push=AZmPxg8oDClNY0LqRFnW-m-waw0G_R_dHrekAC6dJuk5psl5XK5kjeX_TqKHmgr82S_p7x_wJEz587sBbmrOzx9E...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8ed1d807&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg8oDClNY0LqRFnW-m-waw0G_R_dHrekAC6dJuk5psl5...

170 B
188 B

41ms
41ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8ed1d807&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg8oDClNY0LqRFnW-m-waw0G_R_dHrekAC6dJuk5psl5XK5kjeX_TqKHmgr82S_p7x_wJEz587sBbmrOzx9EfEf8Uy82Lh8JpQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 Oct 2022 06:49:41 GMT
via: 1.1 454c51e6774cbed81f946c64c1140bee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT57-C3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8ed1d807&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg8oDClNY0LqRFnW-m-waw0G_R_dHrekAC6dJuk5psl5XK5kjeX_TqKHmgr82S_p7x_wJEz587sBbmrOzx9EfEf8Uy82Lh8JpQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: x4Pu2JlQnTQ_Wsy6YaIxwMFB40bzBGO6q3r67SakTaFGZ2rnBfO8PA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 665A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ_Qes1EC2fyZ9YYsMXQrNw&google_cver=1&google_push=AZmPxg-MUM_HdBbyYGECXOgyScCaehhItnfdhCjnKMC2wqe8rGFnPEnItwA3O-sScQk3v9ZSrjSI252M4jBD...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-MUM_HdBbyYGECXOgyScCaehhItnfdhCjnKMC2wqe8rGFnPEnItwA3O-sScQk3v9ZSrjSI252M4jBDe62rITkncaiVNdG2Pw

170 B
188 B

48ms
47ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-MUM_HdBbyYGECXOgyScCaehhItnfdhCjnKMC2wqe8rGFnPEnItwA3O-sScQk3v9ZSrjSI252M4jBDe62rITkncaiVNdG2Pw

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-MUM_HdBbyYGECXOgyScCaehhItnfdhCjnKMC2wqe8rGFnPEnItwA3O-sScQk3v9ZSrjSI252M4jBDe62rITkncaiVNdG2Pw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 665A
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEITCfPEk_Oz3LLg-jxgKxUI&google_cver=1&google_push=AZmPxg_g-paU9XIe6Lw8B0Xdaw04YvQosiVivy1v6DHBSoBHn75BbE_-ZsdaRyhPQtafdpoLq7nHOxTAWd-Hjx2q-...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGY1NTdjMjYtZjFlZC00NmYzLWE0NWYtZjRhODM1YTczMzkz&google_push=AZmPxg_g-paU9XIe6Lw8B0Xdaw04YvQosiVivy1v6DHBSoBHn75BbE_-ZsdaRyhP...

170 B
188 B

52ms
51ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGY1NTdjMjYtZjFlZC00NmYzLWE0NWYtZjRhODM1YTczMzkz&google_push=AZmPxg_g-paU9XIe6Lw8B0Xdaw04YvQosiVivy1v6DHBSoBHn75BbE_-ZsdaRyhPQtafdpoLq7nHOxTAWd-Hjx2q-HdnHgZXCvx9iA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGY1NTdjMjYtZjFlZC00NmYzLWE0NWYtZjRhODM1YTczMzkz&google_push=AZmPxg_g-paU9XIe6Lw8B0Xdaw04YvQosiVivy1v6DHBSoBHn75BbE_-ZsdaRyhPQtafdpoLq7nHOxTAWd-Hjx2q-HdnHgZXCvx9iA
date: Tue, 04 Oct 2022 06:49:41 GMT
content-length: 0

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 665A 35 B
622 B 31ms
18ms Image
image/gif 182.22.24.124
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESECrsRksKvLgruSDd2R5EjdQ&google_cver=1&google_push=AZmPxg_20899NOBflRnuWIy4zUAeHnP5v8ZxT_PkgMXmnSLoKCsRMBezznMurdriURRlgvggDysm3otEBmIp4hSskKe_7lmP-QEjbCM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.24.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

ATS /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 665A
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEGmEERWEO8Gpb9eqW5o9F3U&google_cver=1&google_push=AZmPxg95feq1rZmA57iF5_1tYO7BFei_pmwtDph19ag3X0pFwCt2cwgC8JckEIoJaI_4ux0pePkWvl522dUP3emV0pThB2-VV...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg95feq1rZmA57iF5_1tYO7BFei_pmwtDph19ag3X0pFwCt2cwgC8JckEIoJaI_4ux0pePkWvl522dUP3emV0pThB2-VVPUvIMs&google_hm=0ce22d41943...

170 B
188 B

44ms
44ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg95feq1rZmA57iF5_1tYO7BFei_pmwtDph19ag3X0pFwCt2cwgC8JckEIoJaI_4ux0pePkWvl522dUP3emV0pThB2-VVPUvIMs&google_hm=0ce22d41943dda7d0280c21ba1ed7902

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg95feq1rZmA57iF5_1tYO7BFei_pmwtDph19ag3X0pFwCt2cwgC8JckEIoJaI_4ux0pePkWvl522dUP3emV0pThB2-VVPUvIMs&google_hm=0ce22d41943dda7d0280c21ba1ed7902
date: Tue, 04 Oct 2022 06:49:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 665A 0
12 B 43ms
42ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGlxukzeE8EJhG2FvdiZcGTYrYtVlG41hDT2--ftq4olSFocjrEBzfKWCOgPuP4ucGWK4Xf3mH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13802&adk=655181929&adf=2645242782&pi=t.ma~as.2784%2F13802&w=300&lmt=1664866180&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664866180450&bpp=11&bdt=603&idt=223&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D7844bb53df64d504-221db356d7d60044%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA&gpic=UID%3D00000a190f8ba5d6%3AT%3D1664866178%3ART%3D1664866178%3AS%3DALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA&correlator=5686070854853&frm=23&ife=1&pv=1&ga_vid=120190530.1664866178&ga_sid=1664866181&ga_hid=992895139&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=365&ady=320&biw=1600&bih=1200&isw=300&ish=250&ifk=2519583734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069957%2C42531706%2C31070101%2C44772928&oid=2&pvsid=2807034736151455&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.24bfnz4o8ji8&fsb=1&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 15A8 22 KB
8 KB 6ms
6ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 262983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 05:46:38 GMT
expires: Sun, 01 Oct 2023 05:46:38 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16542115482971406336/ Frame 168D 29 KB
9 KB 47ms
7ms Document
text/html 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927ef7ec39066c8d3acbc0e219bd46ec934d9f24fdb9463405b3df226f5f039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 96526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8682
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 04:00:55 GMT
expires: Tue, 03 Oct 2023 04:00:55 GMT
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C8E3 0
622 B 130ms
53ms Ping
image/gif 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS-jJE9h628kSz-uqK9Dmo15EDv3pvpoI61qmY9IARTuS4aev4RjDkwPqR_z02z1HdpXzSbedlKEdfgIlL3q4OhlWMZECCNicmmliHGIBtD1ZKNPl5YaMALgAXOJTikNAkNRRDp3zVY_TTokGcVWb--aN-acmgRKncEsJG468ASwe9WEvBC64-y64THN-4Hthdbiaw_F6LaVInmy5-0WFNuHLzCrW4jfH2mR7HNBSxl8SgR70kmeVChdGfKSuHq34Ayv8ItP8qyUXoiS_0Kyhg4UO8eyH6MELEh8SG0ks4B6U37J5QlN3ZElX-cA-YT9mUAIC1RTaPNsV-XQBra0d3UgbiQTbrtArGd-PDklLxoiPxeNhZ8ihOAe4ZBvjzFR03aqR6Za7ulF0XqUq0NAtaz54Z9i8nShRg7Bz4RzQVxMFV5DIEgTG4RtM71-Y_u5HNak7rzjABjxq_RTzMwWbN9SK1sFnI5YVRJvJokgI4TKssFymMai1n7e7MNX9goUqddxcoHNAaQHSuCIwhnpSCHtv7r0sww3jFDK_UtAJZJy4Clh16z6_TB_-S3LKjiGJmP3L6mF1viQvFmP7ISTUU4kYeWCBGdz2h16SxKIvxvOCVjU838fSgl-E571Gf7leoXmN4UGU49KZRqFxHs8Bmn5rMxmSsNgLEalpaGUPKdB_As2ROo2AesbrlPGsK_E127rMemyLJrE4Cgaugh_vpi-OOLG5T0kgV5g8VTdEd0xWmzTxmuvBE8qDdlciRZfUXHBAyanr1iMmLNaJwdqaHf2GzTZni77uUpbbjYejQ0Ui0yDzFZVc901vFZlUt3kccIBSBI_ij1NaE5s8ehyvcXblAOocSXdXDsisLpwbGSlitQGJ7GJ1AdYGvceOfwkm5GMLPywlhWPNRvG7r5Jq1zchRTKXZK3nJfMlIwh4SdEEBDeLXvlyZf_6DV9oVx-81PUvzDuyeVH625CUsKb7y2RReCp43Qm-DUyJZ2C4ocUI2t4s4DeMnfGrsXAiX3AZin2DcVuup3lMFWzHogWnbn-HIC7icsoAK4K_tqwAMPODe7Th1PhbkDxoTlO7RORKFHZuJZiYGbg-tEHa7pve08A4RdH3v2DSMQUHTa8WBtlzl3KAa0cg5N9nxkuiA98-2qTskeepzQFTUJhnvHtKdqk9lOCXmSEJbmqULOvqlGJtiS4cFqiECy5h4f2aSNysKwKnOwUsccmxo0FX8Kyr0oLa81PclOKuRqKZO41UUfy-01ARh-NXGoIayJku7ZOIZVjzATCfQTNMDQ-YKHzY9&sai=AMfl-YQHJnYWEUmGWxdKkijuoZoKfC-w6fwZeT5DoVObh7eIfoC6R_MiqULIFnr7KkIHMtp6rR449z6e_KRENGcQKUfptq_raDJMRzpatZdjyMlqccvGiu-1QQnln-qo4eMwJV1fT2bcw226jsA78uxqZ9CpJji6Pg3-TaX3AVIswj-5Qo_lgKVX794wsHrCw_-h-RDoRdHgrZCrVem2Z_eKSEcVjNAOQCj1y__HvOxoQJIMmadpWpE&sig=Cg0ArKJSzMEOysROFdiUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=123&cisv=r20220928.35889&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CFE1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEILhPkWo9mpCVaKpCM55shc&google_cver=1&google_push=AZmPxg8T6I_9Ss3n_s33TOV5k18cB-z_uqmCHsmWK-Stz6W95PKO3129AUNWoMdC-zrXqUccB3KZdSx6gauBDQW_NoDEqO5IPpCA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5ODEyOTc3NzM2NzMwMTIzOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILhPkWo9mpCVaKpCM55shc&google_cver=1

43 B
398 B

128ms
64ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILhPkWo9mpCVaKpCM55shc&google_cver=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILhPkWo9mpCVaKpCM55shc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFE1
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESECLXZUYKGUEzBPAVBOwNmIc&google_cver=1&google_push=AZmPxg9H1NP5bq08FpNKe1BTYuyh6cIzcUPJdos-ZMm3p5-SD7A3A6zHOw2m3wqWSfU7hN09PWRv1V1P-K...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg9H1NP5bq08FpNKe1BTYuyh6cIzcUPJdos-ZMm3p5-SD7A3A6zHOw2m3wqWSfU7hN09PWRv1V1P-KOw4ovsiU_e6TaxVT0&google_hm=UXhWdGZobGFaTVpUdlFB...

170 B
188 B

56ms
54ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg9H1NP5bq08FpNKe1BTYuyh6cIzcUPJdos-ZMm3p5-SD7A3A6zHOw2m3wqWSfU7hN09PWRv1V1P-KOw4ovsiU_e6TaxVT0&google_hm=UXhWdGZobGFaTVpUdlFBNTF2b0tYLUZfc1hj&from_google=pc1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 06:49:41 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg9H1NP5bq08FpNKe1BTYuyh6cIzcUPJdos-ZMm3p5-SD7A3A6zHOw2m3wqWSfU7hN09PWRv1V1P-KOw4ovsiU_e6TaxVT0&google_hm=UXhWdGZobGFaTVpUdlFBNTF2b0tYLUZfc1hj&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFE1
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEIKlJ7Ajq2RNN4xbcZvFFI0&google_cver=1&google_push=AZmPxg_1hF1PeUh_W0ZYE_q3z5kh121tDizbdyfHBPJry6fyzCrSOhoLBVok14HqXXki4uprw7sD3X-YZGkq0fMs0jKimTU8dnkS
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0NFMzFBRUY5MTVCQzdDMg==

170 B
188 B

43ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0NFMzFBRUY5MTVCQzdDMg==

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0NFMzFBRUY5MTVCQzdDMg==
date: Tue, 04 Oct 2022 06:49:41 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFE1
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDtf6CIo5yoBx0EP0OaPf4Q&google_cver=1&google_push=AZmPxg8W_tHEZLIP60M1nSktce3S2mJjCmnNc40PD76Jprg0e6Q_UTGXZtln-RG22-j5HhlHezSrpdsrv9bHYRkdyA4xvlkruBoh
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg8W_tHEZLIP60M1nSktce3S2mJjCmnNc40PD76Jprg0e6Q_UTGXZtln-RG22-j5HhlHezSrpdsrv9bHYRkdyA4xvlkruBoh&google_hm=NTBuNm5mMDBiQkRHYTAwN3l...

170 B
188 B

42ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg8W_tHEZLIP60M1nSktce3S2mJjCmnNc40PD76Jprg0e6Q_UTGXZtln-RG22-j5HhlHezSrpdsrv9bHYRkdyA4xvlkruBoh&google_hm=NTBuNm5mMDBiQkRHYTAwN3lwUlc

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Tue, 04 Oct 2022 06:49:41 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg8W_tHEZLIP60M1nSktce3S2mJjCmnNc40PD76Jprg0e6Q_UTGXZtln-RG22-j5HhlHezSrpdsrv9bHYRkdyA4xvlkruBoh&google_hm=NTBuNm5mMDBiQkRHYTAwN3lwUlc
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFE1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM-129ykhWB2sF2SkBSqtiE&google_cver=1&google_push=AZmPxg_dsAmBJIO-IEaiv8Oc0lGZglvMhMNbP0_TBKbdIweRGF5dSUwK4d0-aD4FSkB_kdwvMkN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhUVUM3RDEtMUktTTRFNA==&google_push=AZmPxg_dsAmBJIO-IEaiv8Oc0lGZglvMhMNbP0_TBKbdIweRGF5dSUwK4d0-aD4FSkB_kdwvMkNhquGG-OXP4LROHN5AygtC6Z8z

170 B
188 B

45ms
44ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhUVUM3RDEtMUktTTRFNA==&google_push=AZmPxg_dsAmBJIO-IEaiv8Oc0lGZglvMhMNbP0_TBKbdIweRGF5dSUwK4d0-aD4FSkB_kdwvMkNhquGG-OXP4LROHN5AygtC6Z8z

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhUVUM3RDEtMUktTTRFNA==&google_push=AZmPxg_dsAmBJIO-IEaiv8Oc0lGZglvMhMNbP0_TBKbdIweRGF5dSUwK4d0-aD4FSkB_kdwvMkNhquGG-OXP4LROHN5AygtC6Z8z
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFE1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ_Qes1EC2fyZ9YYsMXQrNw&google_cver=1&google_push=AZmPxg-3rNcaIN5V__wWgCYzzbAvza0SPogyDp0zj1rV6zUy26F82vK3J-imt9WVWrVWiVMoMsayJPwq5FIB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3rNcaIN5V__wWgCYzzbAvza0SPogyDp0zj1rV6zUy26F82vK3J-imt9WVWrVWiVMoMsayJPwq5FIBFf1I9YG8MXRkGd_A

170 B
188 B

48ms
48ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3rNcaIN5V__wWgCYzzbAvza0SPogyDp0zj1rV6zUy26F82vK3J-imt9WVWrVWiVMoMsayJPwq5FIBFf1I9YG8MXRkGd_A

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3rNcaIN5V__wWgCYzzbAvza0SPogyDp0zj1rV6zUy26F82vK3J-imt9WVWrVWiVMoMsayJPwq5FIBFf1I9YG8MXRkGd_A
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFE1
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEDhETgpUp9dk4gN9xJecCJ8&google_cver=1&google_push=AZmPxg_maZAYH3fzOMJ_--d4elX_P6pVcu4CUEdz56Mp5MijNEWF7i9wQ9Y0WyOwW5e9vVYQxlklrOhNHYqYNNbkQNjHJ8xLCY4
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_maZAYH3fzOMJ_--d4elX_P6pVcu4CUEdz56Mp5MijNEWF7i9wQ9Y0WyOwW5e9vVYQxlklrOhNHYqYNNbkQNjHJ8xLCY4&google_hm=Z2JhMTQzODg2NTk0NzM0M...

170 B
188 B

57ms
57ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_maZAYH3fzOMJ_--d4elX_P6pVcu4CUEdz56Mp5MijNEWF7i9wQ9Y0WyOwW5e9vVYQxlklrOhNHYqYNNbkQNjHJ8xLCY4&google_hm=Z2JhMTQzODg2NTk0NzM0Mzg5MGQ=

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_maZAYH3fzOMJ_--d4elX_P6pVcu4CUEdz56Mp5MijNEWF7i9wQ9Y0WyOwW5e9vVYQxlklrOhNHYqYNNbkQNjHJ8xLCY4&google_hm=Z2JhMTQzODg2NTk0NzM0Mzg5MGQ=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CFE1 0
12 B 39ms
38ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LztmzHxy-hQx6intObrS300VGd1WuKlmOQQ__m1RAjryVPch3dAUPFta1xBuuzwf5lY4c0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27FE 13 KB
5 KB 4ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 138929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 16:14:12 GMT
expires: Mon, 02 Oct 2023 16:14:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E753 783 B
534 B 42ms
41ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2d0ad5cf494983519541fa16f295d3f541cdcd3837f0deb5716fe8e43a020d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ykuLzeFatBY2-oGnLD8uKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ykuLzeFatBY2-oGnLD8uKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:41 GMT
expires: Tue, 04 Oct 2022 06:49:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16542115482971406336/ Frame 65B9 29 KB
9 KB 22ms
7ms Document
text/html 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927ef7ec39066c8d3acbc0e219bd46ec934d9f24fdb9463405b3df226f5f039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 96526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8682
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 04:00:55 GMT
expires: Tue, 03 Oct 2023 04:00:55 GMT
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 763E 0
64 B 106ms
53ms Ping
image/gif 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGDzqpztEqs2woFu1svhwyw19VLJIqzzpR3zl07sMUcSoqoV0IQcz5pcwKZI2_YmnvM-wINKV3-Deeo8hET1yhkEhvz5aMsQbe9LOBVL8X5WQpnGo0uRb9h5vnJppcmFku8sjJIoAlGa1wwKqHfvz9jNeF-sqvDRLlZh6l5TJcH_ROCtOwvNI-yvIzx7Fx2aeb8ghFVSP3l3C4aODLSVyBWWAtRNxF0fv0Zu8CC3zwlIZU6ZxML5StDeDB1g8j7o2i6W2DRSKsVNzxPvsOSURgbb_JD-NcxlUExvhkQVUZpKJfvKDr00LUx64_Ct-1Yy9Opo4cZeEZsSAAy0JmdgLrSaeFjRRVeNpEwlSzumpTLSx78RWwmsEiJaDyGrnL62-6LiDebptweYwdHS93uBnixfL3rb4nR_oCMBk6uP5fcNB-4itQXNPZ_CwnNqXlLr02KxRGZTrG5yQHColYMtp8fit1P3C4bnxsH9RiG0pDqq3eQWCyjX-vP6cgxwo0fQxa_qynAsnBlo-yVvKWIZTFUvriM4xDIpuISId7hoVqo5wBFV5E1uobRFi8Ft529FysPiqlnARctcr4mAFfeAaG_QCzPUvQe0N0o-KANjrDPH4hTheXFJExV-DP9UHCL1XBazDk7eM1g22jFHcU_T7824B13giqTO8fSt66r85LfiZB3l0N3z1pOdtoMI7R2nd35NgfARNHS18tOM0_BOZZhRawTFS-wQnt7cGPoqTM3uMLZJ8sMeV7Ksyhhj9OzFueWwGQMpyR6pAZ1feK2Xs9ckK0eZeSxk-mMg2cnNS3A-ZN3xp07L8JuhHQ9mMXU15cfxumsyBx9kNcfiKSRiJZUau_2R43ewvhsmQXSHx6t8D3r506Jk_AxGbRIl1sMb2Ih_XXjdlKiawUWK5BQQIdXcnyZUntlTymMuxsUuotV2u_KEOPMWrO2xa8JTQYXCZL2pDc-iiWSqSo081lDg3W2pnBNzxvjGUS6QYKuNostJrK723ghs2GkUFAUJSAT6W1jMfkhkWq4WHGXeoc7yB3mq_zjN4bdX5z9aDF92FE8zvmdKmn4JEVpnnzRJR3QAs8eEMJuXcPOBpOay67q_UQJBxhfdoOzskCihcQOIZEH6BHf9GXoR-UndHEr4Z3Xx503M16LNswUxQnQ-FSQc1FVG9RJCBE2-Ry5_IQULTHY_FdAyuyTwo5J3GSZf8PX-_LBWOKTTgQxHjoCbM7-VpckVqhFBf8uYXD6JgmzjoBjLKYdOoDX0yt8xy9UqFFOItfEOW2fyBnznz9fMTQVA&sai=AMfl-YSvRX5NNG8ncjaWrQkhhvAOFX0EyU97O7zAjg8G0Vp74frRsfX3yLMV5ibZRL_SoRmOcgy81uD_JS5p7c0UaFK0cspTZw7G9PpFRBa4w-S0swMtvznY0wjW8dfBNRTr_tgV4zYBTIpTU5YXm4o5cASg8DBVN6xgkq9xRoOMpYvph25KHi1lVgWGOp-HFaK-sdfxXQtCnTHe8AIklEf3gv99a2anpVAshGev6Y0rB1Upe88JNbY&sig=Cg0ArKJSzKMCNijzdevlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=144&cbvp=1&cstd=142&cisv=r20220928.50644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 839B 0
0 40ms
39ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092901&jk=2683019579277996&rc=05ALeKQC_8PriK6gKo1_ztv4rRtvP2XEahdgWn8Ftg5dKHhr_mZmKefuMR4MmIKrqR_83ddd-E7btiBRuPbcZvlLMjuW91mVtNpHXM2S72nzPKOOOkIiiAdWqwz9Fok5BTgj4c6S9PMzb-4-MggSiu1gIWzmsgSm-QD_8XkXgEOsYv2uztfdNrrcEd
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F85 36 KB
16 KB 4ms
3ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:48:15 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 15A8 36 KB
16 KB 5ms
4ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:48:15 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 27FE 36 KB
16 KB 5ms
4ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:48:15 GMT

GET
H3 200 85501c75.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 5 KB
5 KB 10ms
9ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/85501c75.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117930520d6bebc3a56262582b51189fbcd44348bd37febcd7b04f8a651524ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4649
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 905b7116.jpg
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 14 KB
14 KB 15ms
14ms Image
image/jpeg 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/905b7116.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be49b16e8e15df332c53cb962ac2d7cd2ee19f2d2424c6fe213a0acc095a7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 01:09:42 GMT
x-content-type-options: nosniff
age: 279599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14430
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Oct 2023 01:09:42 GMT

GET
H3 200 2df4562c.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 15 KB
15 KB 19ms
18ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/2df4562c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce5aa1a66def1193e805da029a4ed60a113bca5ccf50dae4effd27f4580a1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14888
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 da547f75.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 29 KB
29 KB 12ms
11ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/da547f75.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f86d8949e2708514d5fe4e161beb598b609fc070a816a8344f2379d95d1531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29624
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 7675ead3.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 6 KB
6 KB 16ms
15ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/7675ead3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbc7902e176b1646bc2e24f16b99e4e66202dec68342e8e9609f5d5cfe57697f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5831
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 f68fc3ea.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 12 KB
13 KB 19ms
19ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/f68fc3ea.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1006d833864b5dbe0b5f3a9c4add99d2f5d35597e13c6cf2a40cb7e8337cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12796
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 141dc101.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 2 KB
2 KB 18ms
17ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/141dc101.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e62984ee36c5055e97a28d243457a169b9e9926c9711aa3aa7a77c5933abd3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2504
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 1628cafe.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 65B9 4 KB
4 KB 18ms
17ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/1628cafe.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7955b3950833a681922217245311df828eac375ce6fd85b5b2d7005a86ade298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4173
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 85501c75.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 5 KB
5 KB 13ms
9ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/85501c75.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117930520d6bebc3a56262582b51189fbcd44348bd37febcd7b04f8a651524ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4649
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 905b7116.jpg
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 14 KB
14 KB 13ms
9ms Image
image/jpeg 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/905b7116.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be49b16e8e15df332c53cb962ac2d7cd2ee19f2d2424c6fe213a0acc095a7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 01:09:42 GMT
x-content-type-options: nosniff
age: 279599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14430
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Oct 2023 01:09:42 GMT

GET
H3 200 2df4562c.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 15 KB
15 KB 16ms
12ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/2df4562c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce5aa1a66def1193e805da029a4ed60a113bca5ccf50dae4effd27f4580a1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14888
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 da547f75.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 29 KB
29 KB 16ms
12ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/da547f75.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f86d8949e2708514d5fe4e161beb598b609fc070a816a8344f2379d95d1531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29624
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 7675ead3.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 6 KB
6 KB 18ms
14ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/7675ead3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbc7902e176b1646bc2e24f16b99e4e66202dec68342e8e9609f5d5cfe57697f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5831
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 f68fc3ea.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 12 KB
13 KB 19ms
15ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/f68fc3ea.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1006d833864b5dbe0b5f3a9c4add99d2f5d35597e13c6cf2a40cb7e8337cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12796
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 141dc101.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 2 KB
2 KB 19ms
15ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/141dc101.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e62984ee36c5055e97a28d243457a169b9e9926c9711aa3aa7a77c5933abd3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2504
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 200 1628cafe.png
s0.2mdn.net/sadbundle/16542115482971406336/images/ Frame 168D 4 KB
4 KB 19ms
16ms Image
image/png 2404:6800:4004:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16542115482971406336/images/1628cafe.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7955b3950833a681922217245311df828eac375ce6fd85b5b2d7005a86ade298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:00:55 GMT
x-content-type-options: nosniff
age: 96526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4173
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 17:06:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 04:00:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E753 0
0 40ms
39ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=1660153869273446&rc=05ALeKQC_8PriK6gKo1_ztv4rRtvP2XEahdgWn8Ftg5dKHhr_mZmKefuMR4MmIKrqR_83ddd-E7btiBRuPbcZvlLMjuW91mVtNpHXM2S72nzPKOOOkIiiAdWqwz9Fok5BTgj4c6S9PMzb-4-MggSiu1gIWzmsgSm-QD_8XkXgEOsYv2uztfdNrrcEd
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 206 video.mp4
cache-ssl.celtra.io/api/videoStream/5b5df012e475f49d15d116cbfa6f5c42ec6769224f6f6e5f8772815fe5d697d4/x264_inline480p/ Frame 65B9 1 MB
1 MB 25ms
6ms Media
video/mp4 13.225.173.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.io/api/videoStream/5b5df012e475f49d15d116cbfa6f5c42ec6769224f6f6e5f8772815fe5d697d4/x264_inline480p/video.mp4?transform=VideoStream
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.173.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-173-56.nrt57.r.cloudfront.net
Software: Apache /
Resource Hash: d0dea3053bb430e8bd109cf437483b41412361b3e67acfe70e8a02c58098bc30

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 12 Sep 2022 04:00:53 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 304f6763e8e2c65d41e5e621780485fc.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C4
age: 1910977
x-cache: Hit from cloudfront
Content-Range: bytes 0-1504532/1504533
Content-Length: 1504533
server: Apache
etag: "d0dea3053bb430e8bd109cf437483b41412361b3e67acfe70e8a02c58098bc30"
x-ratelimit-remaining: 999
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1803738 527510
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
accept-ranges: bytes
x-amz-cf-id: n-FnhqQLPzREhRGyS_FqNcH5kS-TVZtZsp5VhbYFSj8mIADh5nfcEw==

GET
H2 206 video.mp4
cache-ssl.celtra.io/api/videoStream/5b5df012e475f49d15d116cbfa6f5c42ec6769224f6f6e5f8772815fe5d697d4/x264_inline480p/ Frame 168D 1 MB
1 MB 23ms
6ms Media
video/mp4 13.225.173.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.io/api/videoStream/5b5df012e475f49d15d116cbfa6f5c42ec6769224f6f6e5f8772815fe5d697d4/x264_inline480p/video.mp4?transform=VideoStream
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16542115482971406336/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.173.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-173-56.nrt57.r.cloudfront.net
Software: Apache /
Resource Hash: d0dea3053bb430e8bd109cf437483b41412361b3e67acfe70e8a02c58098bc30

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 12 Sep 2022 04:00:53 GMT
via: 1.1 varnish (Varnish/6.6), 1.1 304f6763e8e2c65d41e5e621780485fc.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C4
age: 1910977
x-cache: Hit from cloudfront
Content-Range: bytes 0-1504532/1504533
Content-Length: 1504533
server: Apache
etag: "d0dea3053bb430e8bd109cf437483b41412361b3e67acfe70e8a02c58098bc30"
x-ratelimit-remaining: 999
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1803738 527510
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
accept-ranges: bytes
x-amz-cf-id: CMlFAxa_gy3PHRT7zhQ6T6rf_MM42Z_WLnyyGE2EgJ4Y5KMx1MRCCw==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 27FE 0
10 B 23ms
23ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OmwCTQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 763E 0
26 B 113ms
56ms Ping
image/gif 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGDzqpztEqs2woFu1svhwyw19VLJIqzzpR3zl07sMUcSoqoV0IQcz5pcwKZI2_YmnvM-wINKV3-Deeo8hET1yhkEhvz5aMsQbe9LOBVL8X5WQpnGo0uRb9h5vnJppcmFku8sjJIoAlGa1wwKqHfvz9jNeF-sqvDRLlZh6l5TJcH_ROCtOwvNI-yvIzx7Fx2aeb8ghFVSP3l3C4aODLSVyBWWAtRNxF0fv0Zu8CC3zwlIZU6ZxML5StDeDB1g8j7o2i6W2DRSKsVNzxPvsOSURgbb_JD-NcxlUExvhkQVUZpKJfvKDr00LUx64_Ct-1Yy9Opo4cZeEZsSAAy0JmdgLrSaeFjRRVeNpEwlSzumpTLSx78RWwmsEiJaDyGrnL62-6LiDebptweYwdHS93uBnixfL3rb4nR_oCMBk6uP5fcNB-4itQXNPZ_CwnNqXlLr02KxRGZTrG5yQHColYMtp8fit1P3C4bnxsH9RiG0pDqq3eQWCyjX-vP6cgxwo0fQxa_qynAsnBlo-yVvKWIZTFUvriM4xDIpuISId7hoVqo5wBFV5E1uobRFi8Ft529FysPiqlnARctcr4mAFfeAaG_QCzPUvQe0N0o-KANjrDPH4hTheXFJExV-DP9UHCL1XBazDk7eM1g22jFHcU_T7824B13giqTO8fSt66r85LfiZB3l0N3z1pOdtoMI7R2nd35NgfARNHS18tOM0_BOZZhRawTFS-wQnt7cGPoqTM3uMLZJ8sMeV7Ksyhhj9OzFueWwGQMpyR6pAZ1feK2Xs9ckK0eZeSxk-mMg2cnNS3A-ZN3xp07L8JuhHQ9mMXU15cfxumsyBx9kNcfiKSRiJZUau_2R43ewvhsmQXSHx6t8D3r506Jk_AxGbRIl1sMb2Ih_XXjdlKiawUWK5BQQIdXcnyZUntlTymMuxsUuotV2u_KEOPMWrO2xa8JTQYXCZL2pDc-iiWSqSo081lDg3W2pnBNzxvjGUS6QYKuNostJrK723ghs2GkUFAUJSAT6W1jMfkhkWq4WHGXeoc7yB3mq_zjN4bdX5z9aDF92FE8zvmdKmn4JEVpnnzRJR3QAs8eEMJuXcPOBpOay67q_UQJBxhfdoOzskCihcQOIZEH6BHf9GXoR-UndHEr4Z3Xx503M16LNswUxQnQ-FSQc1FVG9RJCBE2-Ry5_IQULTHY_FdAyuyTwo5J3GSZf8PX-_LBWOKTTgQxHjoCbM7-VpckVqhFBf8uYXD6JgmzjoBjLKYdOoDX0yt8xy9UqFFOItfEOW2fyBnznz9fMTQVA&sai=AMfl-YSvRX5NNG8ncjaWrQkhhvAOFX0EyU97O7zAjg8G0Vp74frRsfX3yLMV5ibZRL_SoRmOcgy81uD_JS5p7c0UaFK0cspTZw7G9PpFRBa4w-S0swMtvznY0wjW8dfBNRTr_tgV4zYBTIpTU5YXm4o5cASg8DBVN6xgkq9xRoOMpYvph25KHi1lVgWGOp-HFaK-sdfxXQtCnTHe8AIklEf3gv99a2anpVAshGev6Y0rB1Upe88JNbY&sig=Cg0ArKJSzKMCNijzdevlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=356&vt=11&dtpt=212&dett=3&cstd=142&cisv=r20220928.50644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C8E3 0
26 B 64ms
58ms Ping
image/gif 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS-jJE9h628kSz-uqK9Dmo15EDv3pvpoI61qmY9IARTuS4aev4RjDkwPqR_z02z1HdpXzSbedlKEdfgIlL3q4OhlWMZECCNicmmliHGIBtD1ZKNPl5YaMALgAXOJTikNAkNRRDp3zVY_TTokGcVWb--aN-acmgRKncEsJG468ASwe9WEvBC64-y64THN-4Hthdbiaw_F6LaVInmy5-0WFNuHLzCrW4jfH2mR7HNBSxl8SgR70kmeVChdGfKSuHq34Ayv8ItP8qyUXoiS_0Kyhg4UO8eyH6MELEh8SG0ks4B6U37J5QlN3ZElX-cA-YT9mUAIC1RTaPNsV-XQBra0d3UgbiQTbrtArGd-PDklLxoiPxeNhZ8ihOAe4ZBvjzFR03aqR6Za7ulF0XqUq0NAtaz54Z9i8nShRg7Bz4RzQVxMFV5DIEgTG4RtM71-Y_u5HNak7rzjABjxq_RTzMwWbN9SK1sFnI5YVRJvJokgI4TKssFymMai1n7e7MNX9goUqddxcoHNAaQHSuCIwhnpSCHtv7r0sww3jFDK_UtAJZJy4Clh16z6_TB_-S3LKjiGJmP3L6mF1viQvFmP7ISTUU4kYeWCBGdz2h16SxKIvxvOCVjU838fSgl-E571Gf7leoXmN4UGU49KZRqFxHs8Bmn5rMxmSsNgLEalpaGUPKdB_As2ROo2AesbrlPGsK_E127rMemyLJrE4Cgaugh_vpi-OOLG5T0kgV5g8VTdEd0xWmzTxmuvBE8qDdlciRZfUXHBAyanr1iMmLNaJwdqaHf2GzTZni77uUpbbjYejQ0Ui0yDzFZVc901vFZlUt3kccIBSBI_ij1NaE5s8ehyvcXblAOocSXdXDsisLpwbGSlitQGJ7GJ1AdYGvceOfwkm5GMLPywlhWPNRvG7r5Jq1zchRTKXZK3nJfMlIwh4SdEEBDeLXvlyZf_6DV9oVx-81PUvzDuyeVH625CUsKb7y2RReCp43Qm-DUyJZ2C4ocUI2t4s4DeMnfGrsXAiX3AZin2DcVuup3lMFWzHogWnbn-HIC7icsoAK4K_tqwAMPODe7Th1PhbkDxoTlO7RORKFHZuJZiYGbg-tEHa7pve08A4RdH3v2DSMQUHTa8WBtlzl3KAa0cg5N9nxkuiA98-2qTskeepzQFTUJhnvHtKdqk9lOCXmSEJbmqULOvqlGJtiS4cFqiECy5h4f2aSNysKwKnOwUsccmxo0FX8Kyr0oLa81PclOKuRqKZO41UUfy-01ARh-NXGoIayJku7ZOIZVjzATCfQTNMDQ-YKHzY9&sai=AMfl-YQHJnYWEUmGWxdKkijuoZoKfC-w6fwZeT5DoVObh7eIfoC6R_MiqULIFnr7KkIHMtp6rR449z6e_KRENGcQKUfptq_raDJMRzpatZdjyMlqccvGiu-1QQnln-qo4eMwJV1fT2bcw226jsA78uxqZ9CpJji6Pg3-TaX3AVIswj-5Qo_lgKVX794wsHrCw_-h-RDoRdHgrZCrVem2Z_eKSEcVjNAOQCj1y__HvOxoQJIMmadpWpE&sig=Cg0ArKJSzMEOysROFdiUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=413&vt=11&dtpt=288&dett=3&cstd=123&cisv=r20220928.35889&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DC17 14 KB
11 KB 75ms
75ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ed1a32f3d92aa29a32d9242d77a8f1594112b71a2e03dd47f37c84ca0b20611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 19CA 600 B
624 B 17ms
16ms Image
image/png 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 23:28:49 GMT
x-content-type-options: nosniff
age: 112852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 09 Oct 2022 23:28:49 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 19CA 530 B
554 B 17ms
16ms Image
image/png 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:14:18 GMT
x-content-type-options: nosniff
age: 167723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 09 Oct 2022 08:14:18 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 19CA 665 B
689 B 18ms
17ms Image
image/png 2404:6800:4004:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 09:18:12 GMT
x-content-type-options: nosniff
age: 336689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 07 Oct 2022 09:18:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 19CA 15 KB
15 KB 84ms
25ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:47:30 GMT
x-content-type-options: nosniff
age: 28931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:47:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 19CA 15 KB
15 KB 79ms
22ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:47:32 GMT
x-content-type-options: nosniff
age: 28929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:47:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F13 14 KB
11 KB 71ms
71ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

252e019539e011a95261ec4f3b15f6792e1fb76760467257c723db9dee980da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11211
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F85 0
20 B 60ms
59ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B13Qjhdc7Y9UzmryAA5mYksgEAAAAADgB4AQC&bg=!FxSlFFDNAAYQgTJdMIE7ACkAdvg8Wv_OPTmJR1fQPh_KTwQd-7CB7AiQIxsgwpcVUEZQQ11ZwxTV-AIAAADpUgAAAAFoAQeZAxssCDXFxQ5llzfBHql6Xnas_bboEzEwwygNmKu55UDeXFr930r9JVp4DEDzySCIYnmkDAQmfwRviihgEJjoa-q5T7Xf1fgVB3XsBMQon_KKDK3ej7FzEN7y-tmMyElB_Pv9WY8QrUF3fMj8ZLkhJFGEgnTk8WhN6c9JNo0rcg-WOHAK3sUwQcdAbgDJmV8L9ACu6pLU1rrRhLA6AoX-vmbDKQtO_u7cJMI0AtenaEIf4K5t2QYf5T5bnYOernMk6d__rSjaRNxCJun93yvIykGX2GAz11oP4nEPbZ1tLuaWK5LeeeUxTUePzr-biYh31neENIWP4aIiOkRiXCeBStHgOpMagUa1A_-6ZluOkG2fQl6Di7dAa7bKWlXV2FOXXykof7WmHKEiiUZvmV2FlHglHbhIL46tVLF7BAmBlkLQvkSCIoYsXo5ic7Z9P41xm7AJAPbBWviQINlgBlPY7fbEbScATNrLtccaRXYngH96lOxrUxxAtE26HZjKzsj44dnXPJh47mNd0c6UDTH8Tt1w6U-YmR-FMSWrRKT8u3mPtwCfdHWtkpmQ1wtVWPaw5UHGDxTS6ieoMTysoQbrGf27BKvtmjURC_TYqoSwQrCB4Ap1_9-GXGQAWCUbpbm63WMMHnPo7kGdp0rZgnBvJL5a6gQTzeH_Hd3ccfOlyTBrOXl0ufN7EakNob1oV80jEcsTba2xCgJ29PBtyF-ECM1ARtGEPkxZt_VOcpmA47oemdehmnvHqw8SGhkhfhBhfshC_ogCx1-MnrVi_3uUjrtcmmI0hXpKStG2rLpJpFoqQ_G5MGNzsGR-zDimAiIZBR7yMXdmzLb-sUpHmnsYsdDxAQOCgVVaXaj2R7RkENToOHOrrU8mRsBcxS52BVz1TtjqhATsGT-WAZ-uIEAAptSFVD2Gdd26lQKmph7Zaxc__z72TI7734L3r8y_uHMVJtGK8boR27dG1joH4MR_SdiOJteeOBLN-B5jUV-3cXU9VGcQX0pL7WgXWrt1vZGQtxLNnfmFt43LmF8Hr-6-fu7aqMUYJs_zRD-QgH8

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15A8 0
20 B 58ms
58ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR2pghNc7Y7qXO4rbs8IPzt2doAgAAAAAOAHgBAI&bg=!cHOlczfNAAYQgTJdMIE7ACkAdvg8WuDmneQ6t_4XEqOhTAlh3vSBfjFC8QxBb_VXKs3Nhjv3NmnzhwIAAADMUgAAAAFoAQeZAxucrS4jqP2NGUURWgBJuQT8AYXgYM5JJ3wPaU277GwpoqEyi1CI7uJQ4ZI-7V2lmORzDE7wZ83k6pl808vSLGa4SATQ28oiiiuK2WhqnG_iFMX0Ga5UpZRPx1e97v_UL56YVkUVD8gHxe-rSMKvLzB2dTqIxAnKf2aI6DQU83IJZJLE4Q7dytxWVT4sBgY0YG8xlGCpQiYSN-WHYQrUILC9rj_fu_iiVkOLp7DzWQZPJOGna7KJZAUvQYgqL85Y22KRTyCmHdelylKLbI8udUn9ggb3HxQSkAosS3sBu2fOmUdp306bSCaBnbzMRkQWfoJvoO19ItYSHTw_507y1kKHYzUb1Ek1kiojWASLczeMx924TopkgjTnzaKEL9i3QvxbfRha00hpOILly6xMtPATXeQnwMmybQnbKyBlm8MPGrQKQDVpT6CsZsy3bFuCZtlBy25fZm9xSo-zINAzgDB3cWorCAW3f-6k3J930h_G4FKW4ccgaVVtDWN96V4INg5vy3rXQotyjy9gbz32tDtP0Krnujoi3e5xS5QLFk8IwmnphKpUIWCUSIZbqmVC_nxvKyfMmDi__Fo7mEDd7fhx9wnDzJXxcz2WfBkIYx4Qlgq10pGY5W3kdo3I9ktLffE2iDOfv6O8J6xNAi6tsKJd0UmrtRiI7RfKDFEUJaoaaF6CNFPj9wdvyZAvIk8NRNyA6CSAINbgKg4Z-XNQzjNxLQoDDTDe0sPWPFhoO-Z-FYovZZfBQellOzKGvmBZGVp01pHUgWhmheEf3g-WWvYJ5VeGMrxIsfPfQxbAwhmLH4CiYitWmneIKd97ZHaP1cl2zDOvjTMbtTPOwni964pf_wG_BmgrqfyJQ6IaCpSE4miUqU2TqO6O_zsyXt6-WtONeQnV8lKoNhjLreLRfDxDb6FQRrooo1Gg7CF6ZkzMlEdHXl6JsxYifkRlfb2o7GUlynfgNq9cK9-9hbLKmma8oEdHfP9QXOOthC0PPL67_eUCE_f2HDSx6O7Q1dD3ZVjOrjjUrnjJVQrxMhdzdeZvOOlFpzXa8Ioyhr4

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DC17 17 KB
6 KB 57ms
53ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js?bust=31070101

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 06:49:41 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F13 17 KB
6 KB 90ms
88ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_fy2021.js?bust=31070102

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 06:49:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4CFA 13 KB
5 KB 8ms
7ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 138929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 16:14:12 GMT
expires: Mon, 02 Oct 2023 16:14:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE0C 783 B
536 B 46ms
46ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eba15572b76b3949dc1821a9e6d1c75a4b89c5bcd4531f1bd8c073df5c075642

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qu1936qUCjYMltkd8J-_vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Qu1936qUCjYMltkd8J-_vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:41 GMT
expires: Tue, 04 Oct 2022 06:49:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4CFA 36 KB
16 KB 7ms
7ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:48:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 71E4 13 KB
5 KB 9ms
8ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 138929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 16:14:12 GMT
expires: Mon, 02 Oct 2023 16:14:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E082 783 B
535 B 45ms
44ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

66965182a2da0d9a1de442eb632b1c82101c218a233e117436c7d6a3d6d4371c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LY_MrWUCdU9Qo4Qovuo0zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LY_MrWUCdU9Qo4Qovuo0zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:49:41 GMT
expires: Tue, 04 Oct 2022 06:49:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ABEC 0
0 49ms
49ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092901&jk=2683019579277996&bg=!8_Cl8LTNAAYQgTJdMIE7ACkAdvg8WswzQhxEOT6Vf1tG88C8-gHGiQnynxGUYVkkSvBuBpJKISq-RQIAAABcUgAAAAFoAQcKAAtEdXY66h35wtvkRJkC-Je_PE58h-Bvzubya6puMNaALsSroQHloOvoeW6mLUUpg1kKOrDiYfxFmFxq7oPgSFSIte1I4YsaxUysFpaszFqBNfo1dx7zt9tuqw-qA-J8WHMrYXEhKfn2FB9rUZpMKXhLs3am6teXRx6eBE9mnglF62PC38Q6KLvnbNB-zzWH12tEv66p-2NQgGOdojLUYSywRrcz5T6c3hYg9wZEPPC77fGaAq3JaMAbT8ZkRxvQnAWiQn78Bqy0IB-lDpTxeIotiUryEzHi2o2Fb6hmuRZTd923q9WfABhmc5zQS3of27u3ga4In0l3d0aHqfQOsCr4TmktIyFLquftBSXtnGklMh54zKLvWOV35AiF4WpW_GDVto9Amb5JC8fqUHeb1jw0gjOz_Hgh07gfsBrYLvzU8jtJYa6KVw9ThdZ7eW4iF9v30B9wVrCqepuP6LrMR4_WoMbR2EsLPzOUHQhkad-ehPZCGHr8puaKjUGqgtKN_5U_LeYpiCE5EYfJqDdz4YikIWsPTiTL7z46YXVGl4o9xzOborGj-6WiET_VYBnXx7p-x--M_lic6yZk4gIPpvHbKA9y8gjRPtqcds-5Bxbzf7uB8VOiGlpb84JzzALt95mCKBqvekeQmnh6oV3lxkLe2NahRuD6pcE7X91QzpIynNmHJ2px2owfNtum7T5Aogyo29TD0TsnLjWRZ3TDnqs3Ws3JhZYjxdcf2cUUTRTjg3JimwEFvnYz6itffZdX1UEaDZAzxdgI0uhSiiuDIKXg4X4WaYk95vCrWq9ipfCBfGQuAfFlrhAKPegtUZdCAH-HO01Rwb1jeyZ_EI5QQPQI5JhG1JAGifJ5KPU8jaqkzxfNhx115q3CjA-BhD61c8FFK9ye0wrFGaFGkV4ZWocIyZ8vpawZUX4DZNVN5jp1FToB6fqVljm2dvmzU88ABoCjuu0OzhyUf9PnsahfSTrn3nyHB0-TSbkdXS29er1uZOIoumYOD6MBLfjhFtPMIZRWq6RTW9U
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE0C 0
0 42ms
42ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=2807034736151455&rc=05ALeKQC_8PriK6gKo1_ztv4rRtvP2XEahdgWn8Ftg5dKHhr_mZmKefuMR4MmIKrqR_83ddd-E7btiBRuPbcZvlLMjuW91mVtNpHXM2S72nzPKOOOkIiiAdWqwz9Fok5BTgj4c6S9PMzb-4-MggSiu1gIWzmsgSm-QD_8XkXgEOsYv2uztfdNrrcEd
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 71E4 36 KB
16 KB 5ms
5ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 15:48:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E082 0
0 42ms
42ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=4025329472131933&rc=05ALeKQC_8PriK6gKo1_ztv4rRtvP2XEahdgWn8Ftg5dKHhr_mZmKefuMR4MmIKrqR_83ddd-E7btiBRuPbcZvlLMjuW91mVtNpHXM2S72nzPKOOOkIiiAdWqwz9Fok5BTgj4c6S9PMzb-4-MggSiu1gIWzmsgSm-QD_8XkXgEOsYv2uztfdNrrcEd
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4CFA 0
10 B 4ms
3ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_aogRA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 71E4 0
10 B 6ms
6ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YPcZzw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 06:49:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC58 0
0 57ms
56ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=1660153869273446&bg=!paalpuLNAAYQgTJdMIE7ACkAdvg8WpxQq4gGEsYbkBqdrrTWAj6cZhiAi3XO_IlBLzcDQIzQaBdh9AIAAACfUgAAAAloAQcKADiNLocIPLxIqiBDl309oyb0trEkPlJqWVklSZghN_NMPf7h8Y0g-GaNU2cUgfVmNKRQHOG7PLfJa5kC_YiYJ22Nb4l6eFZI9vQn10XtwE6AT-aUYiJvzpdmQSvtLgrHCYVib3hMmv9MGwrAszyL55-BhCv2aIKOuVeWRffWoMaeDfev1JKijJjLF5N18ghgq7RMs0NKwG6xd59p2tums06-C1pHpMMqUC2epo1pG8V3gKqyG1LInMPCd_PuOxqh3cU0n-dn4CqJqCKbIr_xzA6eb9kXr3-Hn9WSia4CMSlodIGR2CMd2sCXqsRuq8olHpWssH-up0KqovYMQHgmsiL6PwFICye7SSUQDdDIBa3cvsllNS1WJkj_9CrgXpujEcymv92tm__xixP0kqTjKYEYw7qtEadJUWN6VbaHFcuHH0cjuO3DSNEBs5KRaxNvHIoOCIPz5V-TwmW0vENVKU-lfJG9UWp-yrl-Qx5iWshE_LD2CMYRfyr0ItSqG0XDSJ5FoMb4aJzIfOgH7W4W8a9TH6wCIGG1RVwA0XfOIt6_gixGWaGsQM22H0bMY7rSRYKpWvo_gObJy_U2x2TX2Rv_0yIv3ZkJB8iU3i8xwkzA3RKdzZwI_FfpAp1niWzBgdgJ4GiEjzuusShMvoL-mjLn6awTZygUg8CaY3RDe9weuxpAd6OYd7556uANE8x0QMZVleq9n3G7Hsa76KlBV1I_z9y3G5rYucUg5w7OviJNd_tNcJjzuOm9oNyBPAm2DAELnQfzYbvceyNa0y0hmF4BaNWvdI5ytK69eSqdnnVUh_ut_jhWL-FOy4g_ihrwXXq5JUHehVvdrkz9MSzGuSUW-Fpsv8vvOuwcHjtvaKEghPjpV0l6bDt4Pq1zTWodQlZ_V_R-wqB7KTKZX8len3X2-vQozUxyHElLSP2f0l0R85If4V7ubWgnZfTcZ1OtsVIQ6idqhz5w02XKNpRKkNPnYcXTN5y0ROEuKCO_IffHeNBBMUeGy0Vj0Xb-IZ0-QAGvkQaYKxTS8RqWqNtbvypKNNKi0Yby3SnrdNcRxeOvpaYj6wlcQD95vlumBuzBv4w8K0f4EFxXRA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DC17 0
0 47ms
46ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=2807034736151455&bg=!ICOlI2fNAAYQgTJdMIE7ACkAdvg8WoQRFxfi1Okziz-iuBT4diB246SEFulOoHlLtEgYrRMu5ol7OQIAAACPUgAAAAZoAQeZAvrJKWlysr1vi6wfkzqbq6O-wntGZ_Sotj_uuRP4vd41ESWr70Ld9x78KQ3T2-bqYXv0bN8idHk3K7ANcOFmbGzxFzSPtTNL6dXzrElqtfLo1ffWIlNypLZFKWSWJTbtHBVMd8YqHQ8iTL1TfDQKNkuM3RIVTJ9wVbxDSzNIY_GCc6jkEK_DgAqOSuPz4UsWva0rE0BzmVlrFBR4yxKlQTRQ1xA-t50wpmRBHsFQwQgwxSKjwlW692TjA2av-JsNYrUqKhlb_t2xDozARRn2eqgLBPmOzR4dknOnaIz61kS5xzMbAEXjL0Z8jhgX7_UzrTbiHzkH23u0Rh9_aOym7XgVcb2U1lDcUzc0zOMTEi04-6wDvVznfCUFKfNRiNwbch2LY8smaE2-gXa52MQnrsuhOz0qoxSml264sXyFOufiRwxMoibqSotYkaO7jASd5rpT-3ZPjBr8zKnlKyzZ9cc7VHVN0ZnFBrPeKFNqlJFMK70dO99b1UPR2IDD3bVyi-0z0rFwKA8l4198UfFdpG-2DkDk4wERdBBTRGeSD83DzHxV8fnNlRP9LG4MLGccNGtUPqP448XW78fW0uBvU-htTUlhXOM-K8eUIBbgIQp_iyM_ng6QGyOZKJGT2nnbBoPGixxLJkzp8sUSXdFmmmHUJJ7_by4IxZsCwbXtFuCglifr5gcJZNrCPBrczVU9vk5CLnWoMUwqIEmpT1s9UPPEnFkbpExQR-5gkureHl5CTRs_CE0g-yLruqmqTjMeYmK6Iy2DzoLZXkOLMCLXfdSSSmql7ppagQ8ox8diX1XHOVyvsbbNdo8m6sp-vC5uM598WwBfcQHSFwh-uW4wZmwQD0amknbAeHS4QwMwW5AZnNO9wC2ZpEEOdWX7K2a3jNE3-Jr5f5F1JHHR-HE4f0ZXZ9gRwimAMvDnt2E1y-_YlZvrSO91fLOsDigyiwiyCenX7ED0lN7jaOsdx8uXGNw2I2DAdfz9aFk-1ASqgjmjvD3E6V2frIwlxkA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F13 0
0 45ms
44ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=4025329472131933&bg=!iYqlis7NAAYQgTJdMIE7ACkAdvg8WvkqgMmkpU4hfUWae7dTxSPEv5u5gHdAP2qcevOjxMh_cSk4VwIAAABkUgAAAAZoAQcKAKoxoMfxysCbzpF_0J4DMdRCqD7bhojb7R5q4Zcd3Co0mtToM730Cx7CUPGQTJ8Pe-q-ArhxY0jmiCnoWB6Ad-QdaCtOgRZ8Rdeoe3FcLWkz0JSSRznFjS1vgRrohCD9BehO8EfITjs0_t4Y3pM6QSKv0mJNYXyYx0HwC6AQjCY5yA2doDa5xFIIOG4zmWF08l5AV8v8gmX853QMoqDQhTMoArrk3FET4dgFiZkC7Nl_-M43M-mIUolPBxk6iz7Hhc-g3-mugZ5LQfTe7PlpHD8Qr5Iur6rGG6gN80MUzrYLnP5-bKph8ur0T2jw5ptum3sgFpEjHXiAaPc6yvuxeNytjGy3DIplN7owbXBdqFAFX6xtq8YZeXcOf9-gARtdGKwSnsDihPfm6KuDkpZaN-yljV9N59sopdIVPPSX2d2uNC0J5JPH1yr8_4S-h0C1_iZX2EgtmNCSnw2TRMeDipoMgs-CqsEpQrTNmDqJQHnwBDcqryXn0v53UApm_I9eH4hIkynB4ujefXSsYi8xm2DY180ce0X_3_KL4EXsMP18IHOzUFQi55cABMlMd0D5cxbZIn7hrt2AbQudlP5QAuRgpBLZmsJimUdglReWjVqag2XzRNmeljnHNQffnAQ_CfOP1rTc2U3TeGD_l78YRjwKfxvzrtIQgDtcR3_1vJhSyx0IuIOX1k5p85UfFkw7ba8Iba4v-0YAul19UW-mAZcEynaTXzhfnFpn7FUEPUEi-017Soyfei6BCdVTYzMbGkbyI08GvBTDb12oQ9KTSMmb28O5fGwY7EDED9kOmBJ9SeoXto8bZA89mDl7WX1pPeLNUGNF7UnOphy1eajIvvT8YUNx05QqslrD9CO16U_SaRknjauSzY6ujfKRB7MpLpVcVlKCBac93Wrz6I7BBwOQ0nSSeQs7Dsnl-na14R2z6Z7iqDiXRXLYgijBD8F7-Q8tg6nzdlOv_FCFzVzn8icyRh44vwVVGr7DT1FJVag9_uPgEYaShA6W0QBEvrArI_FE-qxSh9OMbCtK7OmtfQJ-TnhWHrYbTJ5isitEEd_nA-YSGErskq4c--c3ebVATDT6THtOZ0a43eR7oLEiSg9CPYPfByYZ_qT5uM49ojloMlGi9dGoTXEU6mm2C4F-xroKqTnZq85RjGgfwutbTS2uppwwmf3zBfUogiRut-Ll3UKydWGCdYYwgxZOSuNvTgVGI43onKCA4eQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8E3 42 B
64 B 51ms
51ms Fetch
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUYwuIKXDpK-Y2A8_nFYweZ06CfjUMlWdxLi7pJxAItc6r7nMrF_TeS1AGZoB5Ob7cbVxIxD2h2R5Dbdqql1MFOvbWMiuJSPk4y6jW_UkB0988duQ4x-nGdDY6q_wpjRn-As8&sai=AMfl-YTn-pydoXPkilHafldsufMzUMFcrpA1M_ljwtijLJmXJCS1N0RhAA_7pyzi5WzkJ3nLNr1InsOimGcOQDGg4uQ5TBLTSpS-7SmLN1E5Pc0Q9f-05o_J_JVIureoEQ&sig=Cg0ArKJSzHR-_Y9KxY51EAE&cid=CAASJORo1SyrC5cqwMNEwPr4hk9GtpP4hT1s1Le4lJ_vsHBHBOsb4g&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=655181929&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664866180687&rpt=756&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 763E 42 B
64 B 47ms
47ms Fetch
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhcwcCOs4sYtCc7nH9cE4Q9kRFaFLXoXJvUovv6W-b7lDrDQUaW5V1nd5w937VTT7bA3F58cRO6CJGS9m5gUKqwyI7zJf6Y96CBnXFUyCliwh_AhBL8Jf44CwfcQU1LZP3iD4&sai=AMfl-YQgfE9F5s_LPcL93eBAoCIYZ_3vrnTuM-DfGI4IttXZ-gClN4jI30mxItBBEopeYF1KaWgAwJ5oDdCxut_oGV8NqX0Zg0OJm-MMENdO8EKxPGeG05SvNlzWyl0QgQ&sig=Cg0ArKJSzAisvM2sr5MvEAE&cid=CAASJORofTAw0L-5dW0Pwdegnkz1oKqtMyMeLW5BZPrs_vfkXYqxzw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3215738614&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664866180661&rpt=857&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 06:49:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:46:58	Name: _GRECAPTCHA Value: 09ALeKQC8S7stsKHth9P90OhfRWsSTF8JExUqmqBZknPWfVAxRIGRYMftVOuBDZD4nFEZWZW7mjwrWOfcOaxjOJLc
reurl.cc/	1970-01-20 15:13:22	Name: clientIdV2 Value: cffba54ebbd5e8cf93ab7eac0b70ce31a83cf3966cf822219b06212d063f0d8d9b1e273a822e11e0478f796e247c01e19e53ffef00d0dd2f64fb826ac1c15c26d74dc1cc3d6a7e5d8c774c71
reurl.cc/	1970-01-20 15:13:22	Name: clientId Value: cffba54ebbd5e8cf93ab7eac0b70ce31a83cf3966cf822219b06212d063f0d8d9b1e273a822e11e0478f796e247c01e19e53ffef00d0dd2f64fb826ac1c15c26d74dc1cc3d6a7e5d8c774c71
reurl.cc/	1970-01-20 15:13:22	Name: lang Value: tw
.reurl.cc/	1970-01-20 16:03:46	Name: _ga Value: GA1.2.120190530.1664866178
.reurl.cc/	1970-01-20 06:29:12	Name: _gid Value: GA1.2.1136600144.1664866178
.reurl.cc/	1970-01-20 06:27:46	Name: _gat Value: 1
.reurl.cc/	1970-01-20 08:37:22	Name: _fbp Value: fb.1.1664866177852.1454272629
.hinet.net/	1970-01-20 16:03:46	Name: uuid Value: 885585f9-091c-4444-b1d9-5a5b759b082e
.reurl.cc/	1970-01-20 15:13:22	Name: __htid Value: 885585f9-091c-4444-b1d9-5a5b759b082e
reurl.cc/	1970-01-20 07:10:58	Name: CFFPCKUUID Value: 2609-LckY6NJpB7eGS5qKGAGQQ1egjFaVVaNf
.reurl.cc/	1970-01-20 07:10:58	Name: CFFPCKUUIDMAIN Value: 4622-hukPwInBLDgsunfFXQYYHUpDZdI41SmI
.prnasia.com/	1970-01-20 06:27:47	Name: __cf_bm Value: l4Eyw.rc4PEmqbNAtv5eVPYnOP7y68_8KPhoqs.24jM-1664866177-0-Aa4rkW8yC1zST4LPUzosi2k6YeK+0Ze2Yr+kC45q47SlwCHg60jar+eILvmn9Pcy0tDbPGiz5+wNs2dq5a68Na4=
.reurl.cc/	1970-01-20 06:27:49	Name: _ht_em Value: 1
.mookie1.com/	1970-01-20 15:56:34	Name: id Value: 10526601180875211887
.mookie1.com/	1970-01-20 15:56:34	Name: mdata Value: 1\|10526601180875211887\|1664866178003
.mookie1.com/	1970-01-20 15:56:34	Name: ov Value: 899d38c937cbe56f7a9b7c150934652a
.c.appier.net/	1970-01-20 15:13:22	Name: _auid Value: J2bJKmBHAouai4ltgtc7Yw
.holmesmind.com/	1970-01-20 06:48:53	Name: Vision Value: 20221004-23:59,20221004-17,20221004-17,20221004-23:59
.holmesmind.com/	1970-01-20 06:48:53	Name: C Value: null
.holmesmind.com/	1970-01-20 08:52:43	Name: RK Value: null
.holmesmind.com/	1970-01-20 16:03:46	Name: P Value: 215413-LQfeyxKhaE73iMT9BUhIU8Mn3oimBhcX
.reurl.cc/	1970-01-20 06:29:12	Name: _ht_hi Value: 1
.reurl.cc/	1970-01-20 06:29:12	Name: _ht_a546ca Value: 1
.reurl.cc/	1970-01-20 15:49:22	Name: __gads Value: ID=7844bb53df64d504-221db356d7d60044:T=1664866178:RT=1664866178:S=ALNI_MY8q2RC9iKWBXCh7MlJI4grG4q0bA
.reurl.cc/	1970-01-20 15:49:22	Name: __gpi Value: UID=00000a190f8ba5d6:T=1664866178:RT=1664866178:S=ALNI_Mb53qrMlfwRvoRkuPJGmeyGjVXSzA
.reurl.cc/	1970-01-20 06:29:12	Name: _ht_50ef57 Value: 1
.doubleclick.net/	1970-01-20 16:03:46	Name: IDE Value: AHWqTUmo0_7ZHyV9SD413Y6aGDK6uMAToDR9Z7BArJvwJhuZT3h0_Hs0mDHZ1-IKnlA
.holmesmind.com/	1970-01-20 06:48:53	Name: R Value: null
.holmesmind.com/	1970-01-20 08:52:43	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 16:03:46	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.aralego.com/	1970-01-20 15:13:22	Name: sspid Value: c7443f69-5929-32cd-90f6-133389ef0802
.aralego.com/	1970-01-20 15:13:22	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 15:13:22	Name: gdpr Value: 1
.casalemedia.com/	1970-01-20 15:13:22	Name: CMID Value: YzvXhQizfnX6eBxt21jUhAAA
.casalemedia.com/	1970-01-20 08:37:22	Name: CMPS Value: 5529
.casalemedia.com/	1970-01-20 08:37:22	Name: CMPRO Value: 5529
.casalemedia.com/	1970-01-20 08:37:22	Name: CMTS Value: 5478
.smaato.net/	1970-01-20 06:58:00	Name: SCM Value: 8ed1d807
.smaato.net/	1970-01-20 06:42:53	Name: SCMg Value: 8ed1d807
.yahoo.co.jp/	1970-01-20 15:13:22	Name: XA Value: 1bq4319hjnls5&sd=B&t=1664866181&u=1664866181&v=1
.yahoo.co.jp/	1970-01-20 16:03:46	Name: XB Value: 1bq4319hjnls5&b=3&s=8k
.r-ad.ne.jp/	1970-01-20 10:46:58	Name: r_ad_token Value: 50n6nf00bBDGa007ypRW
.ctnsnet.com/	1970-01-20 15:13:22	Name: cid_79863107865d4b37b7da8329ab4d1085 Value: 1
.ctnsnet.com/	1970-01-20 15:13:22	Name: gid_CAESELYmBNL38XBkNmqEXtKiP6Y Value: 1
.openx.net/	1970-01-20 15:13:22	Name: i Value: ab083a76-b771-4c1a-9048-e5efb8b45044\|1664866181
.send.microad.jp/	1970-01-20 08:37:22	Name: TR Value: 0eb8ecaae7ac478f034814bc4c1360d6
.sharethrough.com/	1970-01-20 07:10:58	Name: stx_user_id Value: df557c26-f1ed-46f3-a45f-f4a835a73393
.yieldmo.com/	1970-01-20 15:13:22	Name: yieldmo_id Value: gba1438865947343890d%7C1664866181425%7C0%7C
.turn.com/	1970-01-20 10:46:58	Name: uid Value: 4398129777367301238
.adnxs.com/	1970-01-20 08:37:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQsv]y!@wnfH8K6pQK`!5=E<L5?%K@Y]G^Y2G^wM6%X]+7SZV-g[0p4>sZy3voH:8%nugO%v4VB%nn`B*.tVj
.adnxs.com/	1970-01-20 08:37:22	Name: uuid2 Value: 1172167639032414082
.quantserve.com/	1970-01-20 08:37:22	Name: d Value: EB8BCQGgJ4EA
.quantserve.com/	1970-01-20 15:58:00	Name: mc Value: 633bd785-68bad-eac53-be0de
.fout.jp/	1970-01-20 16:03:46	Name: uid Value: QxVtfhlaZMZTvQA51voKX-F_sXc
fksnk.com/	1970-01-20 06:37:50	Name: AWSALBCORS Value: mpMrRScjBJyBeFYp7209d283najtgK3OaFm5/S7R7UYQoDGPh+gFzDd5d+owEgapADwK1thO0iTlZ7QEozF9qbnJrbL4heZo7Pqe2DlUjAa06Gtq3joKIDjaJVGp
.fksnk.com/	1970-01-20 08:37:22	Name: f_001 Value: 3CE31AEF915BC7C2
.fksnk.com/	1970-01-20 06:29:12	Name: g_001 Value: 1
.mediago.io/	1970-01-20 16:03:46	Name: __mguid_ Value: 0ce22d41943dda7d0280c21ba1ed7902

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESECrsRksKvLgruSDd2R5EjdQ&google_cver=1&google_push=AZmPxg_20899NOBflRnuWIy4zUAeHnP5v8ZxT_PkgMXmnSLoKCsRMBezznMurdriURRlgvggDysm3otEBmIp4hSskKe_7lmP-QEjbCM Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

41e19a6a77305dd49713ef69afb27eb4.safeframe.googlesyndication.com
76f43514607048bbf0972e7f93706aab.safeframe.googlesyndication.com
885585f9-091c-4444-b1d9-5a5b759b082e.t.ssp.hinet.net
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yieldmo.com
adservice.google.co.jp
adservice.google.com
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cache-ssl.celtra.io
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.r-ad.ne.jp
dsum-sec.casalemedia.com
fcm.holmesmind.com
fksnk.com
fonts.gstatic.com
fp.holmesmind.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
ipac.ctnsnet.com
m.holmesmind.com
match.sharethrough.com
mma.prnasia.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prebid-asia.creativecdn.com
prebid.scupio.com
r.turn.com
re-news.tw
reurl.cc
s-cs.send.microad.jp
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
static-tagr.gd1.mookie1.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync.aralego.com
sync.fout.jp
t.ssp.hinet.net
tpc.googlesyndication.com
trace.mediago.io
tw-gmtdmp.mookie1.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagservices.com
www.gstatic.com
fcm.holmesmind.com
103.132.192.30
103.254.153.160
103.43.89.4
104.18.18.126
13.225.173.56
139.99.49.250
142.250.199.98
142.251.42.130
172.105.203.31
18.177.11.95
182.161.74.18
182.22.24.124
192.0.77.2
192.0.78.187
2001:df2:a300:bbbb::135
202.232.238.37
202.233.84.8
203.75.214.136
210.59.219.181
212.102.50.58
23.10.15.101
2404:6800:4004:801::2002
2404:6800:4004:801::2006
2404:6800:4004:810::2002
2404:6800:4004:811::2002
2404:6800:4004:811::2004
2404:6800:4004:81c::2003
2404:6800:4004:81f::2001
2404:6800:4004:820::2003
2404:6800:4004:822::2002
2404:6800:4004:822::2003
2404:6800:4004:823::2002
2404:6800:4004:824::2002
2404:6800:4004:825::2001
2404:6800:4004:825::200e
2404:6800:4004:827::2002
2404:6800:4008:c01::9d
2406:2600:4::1
2600:9000:2142:5000:1b:5138:8a40:93a1
2600:9000:2142:e800:3:1794:2540:93a1
2600:9000:21c5:3600:0:e06c:e940:93a1
2606:4700:20::ac43:47fe
2606:4700:3032::6815:43a6
2606:4700:3034::6815:6009
2606:4700::6810:5614
2606:4700::6810:fc04
2606:4700::6811:190e
2620:116:800e:21:46d:7e81:55ff:4c12
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
3.0.179.214
34.102.176.152
34.117.219.39
34.149.98.30
34.205.254.195
34.95.67.231
34.96.119.68
35.185.130.121
35.185.136.122
35.186.193.173
35.201.76.93
35.208.249.213
35.227.202.26
35.227.249.156
35.244.159.8
35.244.196.223
52.221.113.7
52.68.234.1
64.120.88.131
8.39.36.141
003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04a1537a418972706b5185837242e72f33270367a386741e922570b46d97e0ba
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a0c38a5360cea04600fda81109a0aa60740cc6e182342ebab6029405d19eab9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b
117930520d6bebc3a56262582b51189fbcd44348bd37febcd7b04f8a651524ac
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
16ffdbe815b341deb7bbc1b8f826f40ec15d27ec797e68d93376db939a72e9a8
19588a8fe2503dba010efc8cf950c9227bfd2eaf1ea7dea26d5a7aa8b3cd0c70
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
226666102666cf1058c1f5e77ca117b68189867b3247f80e4c6e04fa2cba6da0
252e019539e011a95261ec4f3b15f6792e1fb76760467257c723db9dee980da6
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
379258bd378f7651e24441891fb0b24cd8c89f46a92e4b8364692a5ac023b9d9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42f86d8949e2708514d5fe4e161beb598b609fc070a816a8344f2379d95d1531
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4df844aeb1bfe309f06fc5649a9184e530ed746bb1209a3f3c7dd8b52c49814c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed1a32f3d92aa29a32d9242d77a8f1594112b71a2e03dd47f37c84ca0b20611
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7c0f405af869b0d47570f8c5a217b989b06c944c5e0ce0b87a9e0b4c4456e2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57ccc997557736fe14c0a711336f7fa4e52aec8c657ec0a6c84dd53b64c2ad28
584817003be05eb175bc89f04f6f3d5715376d63f6ea47c319e69cf9c0299b4e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5bf75136727678281c6a22a70b076465805bd0364caafb5e0f223e55faadbd73
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6189cd19ddc3a81195a1f4e7b62fcdc7b7beee3fd1fffb1881cb18488b702d8e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25
62b1f0416c870a765b275a92d20b350ba2697d40004df32d8684d0ecbee11cad
66965182a2da0d9a1de442eb632b1c82101c218a233e117436c7d6a3d6d4371c
67b18fc7710b8125dbc17abd2d9824c1e96f2b54d62697b5b692e9c95273af81
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d49bb75b599d30a3703d3b36d57bfe92fbb82d4a08db3e6e0e9d36dce0d6fbe
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
70bb57e420dc8be5ddc319383c340e075ee0818b200d3b435b817473cb33bfe3
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7955b3950833a681922217245311df828eac375ce6fd85b5b2d7005a86ade298
7cd02709331c2e467568e899d8931ce9535e72ed66536584e1144b9a071a6b47
7ec39f2dd01910076f860ac5dd6f4f31039deab7aded42581eb14ab83b4f7b41
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e
83d6b614c93ba33591828c57d44561c03307e4e5322db729c2689fdf16cbc5a0
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8975086a5c8d5d0e75985c5addc620c07f793f14b52e4a2e5c50870ac14d3856
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8be49b16e8e15df332c53cb962ac2d7cd2ee19f2d2424c6fe213a0acc095a7e1
8cb22edccb12f17af8782e0a2a45f78c94a850fc147d01d0faab59d1fae178c3
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
927ef7ec39066c8d3acbc0e219bd46ec934d9f24fdb9463405b3df226f5f039a
9316e08c224b7ee37b43359d5a87860003b3934f71e0d9a279dc12be2464f6cf
973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc
99616e8fd74582c6f0be1c2e14e8ddabcca1f5388fb7be2a69231d9348f8f286
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9ce5aa1a66def1193e805da029a4ed60a113bca5ccf50dae4effd27f4580a1d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a93f716cf27b006ca9b1cf4379be09a005335f365b3295659a07733c6c2127e1
a95e34a14ba43354909f31837c384802c155ae6908e632a91051df2fd271e7ce
a9d9b6ad855e3519a6e1855e246f96ed682cac5ef46de032038c949615d1f5c0
ab5c98cd2ebe349135994b1d8ce5b356a88cea517868c16345aa132e9a89e41c
ab79dd1e584e9b9ff4104d2d7d617ede2560c23461a26eaa736d639f0d252494
ad1006d833864b5dbe0b5f3a9c4add99d2f5d35597e13c6cf2a40cb7e8337cbb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41
b12bb41d084e3054bcafe5df2a6f03715bc803de1cf7edc4a88b640e41038bcd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b288abf726128b05c6d09df7dcec96fa7a6cd8f0924032d479e6f161ae0115df
b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b8fe424887643513e694390df25cc96c1e15259f226ae89f67210d201ac07ba4
b9c633ec99609ca505f411564dcff965e53a1114c7953375ad457706df7ff319
bac106a2f97c9bed79e7fc1dc95a1642a5896d38551626fabb49e6e23ba09798
bb3afd6f725fa4936e47d9090080bf09d11f753debb8171a39cba44992a31644
bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c0c9b8b74d1adc173f31e26ad5bb6c6cc8f9ea03da924c488ddec4a4cce64ae5
c293a88b3450b0ac123f70a2b74b7bac240b0f95d2a0a149de0b6e8743f1b64b
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cc6cc9902ba2c4a1365a4cee4fa6806e040ce0882d39fe0e6258faf1ff05170b
cd42c2aaf9bb3ea7ad6ea15458266d65693e6b7d01e280f12bcdd1a7e0ce6133
cd5ab7c7306798deef3df999f76cbcde7ac2e7e51b6bac60c36da4250151b79f
d0dea3053bb430e8bd109cf437483b41412361b3e67acfe70e8a02c58098bc30
d2d0ad5cf494983519541fa16f295d3f541cdcd3837f0deb5716fe8e43a020d5
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d562e2db81cf5d2baf4d0b8c5915b09228eacb7c9d6244369833f3eb3a75dc86
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d82c821f7dd327af20b7e06792d77f9728cffe459af95d8d13e2ff8180c70437
d91aeaab8e210f7616bd1f867ea8742261e3f37986433cf8a266bc54c8b96adb
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
deadef603d503c2ddb416b3d7f6f9127cfe5cafb9e845d4db061ab3ff7be57d2
dede984ccfbc82ba4591290ef567d7ca7de716e47cde227bab2fc493fbca6f1b
e1154409e706f5b4c404517c182772f5f0d315f196a40e2efd4e31968990111a
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5604c04b2b6c10df020ef9895c12d285291549ad870cc17e4d148e67725d1d0
e62984ee36c5055e97a28d243457a169b9e9926c9711aa3aa7a77c5933abd3f8
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
eba15572b76b3949dc1821a9e6d1c75a4b89c5bcd4531f1bd8c073df5c075642
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f307b0f11d5462ae6daf0e71cf9f4663790d257db8c98a9ee90eb1a2f3dd8419
f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab
f36606609aec67ef4c837afa7079cea8f38de947c92e296c12e8675771dc35d1
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f4fcbedc3f21fc14bfcfe2a4e71236b85980a8e24a0d1eee42bd792241e0ef10
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f8b0f88a8197ec7271948a5c581ae86ccadde57bbe8b3a94d03abf74cb702475
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fbc7902e176b1646bc2e24f16b99e4e66202dec68342e8e9609f5d5cfe57697f

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

323 Requests

89 %HTTPS

43 %IPv6

51 Domains

74 Subdomains

58 IPs

7 Countries

7577 kBTransfer

11536 kBSize

59 Cookies

20 Outgoing links

Page URL History

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

89 %
HTTPS

43 %
IPv6

51
Domains

74
Subdomains

58
IPs

7
Countries

7577 kB
Transfer

11536 kB
Size

59
Cookies

323 HTTP transactions
2 data transactions